May 4, 2024 · Enables user authorization using a Role-Based strategy. Roles can be defined globally or for particular jobs or nodes selected by regular expressions.

Jan 24, 2024 · This allows attackers to read arbitrary files on the Jenkins controller file system using the default character encoding of the Jenkins controller process.

Jul 12, 2023 · This allows attackers with Item/Build permission to have Jenkins parse a crafted HTTP request with XML data that uses external entities for extraction of ...

Sep 20, 2023 · This allows attackers with Item/Read permission to obtain values of sensitive variables used in builds by iteratively testing different characters until the ...

Jun 14, 2023 · This allows attackers with Item/Configure permission to access and capture credentials they are not entitled to. Dimensions Plugin 0.9.3.1 defines the ...

Dec 13, 2023 · CSRF vulnerability and missing permission checks in Nexus Platform Plugin allow XXE. SECURITY-3204 / CVE-2023-50766 (CSRF), CVE-2023-50767 (missing permission ...

Oct 25, 2023 · This allows attackers with Item/Configure permission to access and capture credentials they are not entitled to. Warnings Plugin 10.5.1 defines the appropriate ...

Apr 26, 2024 · This plugin allows to define external resources (such as printers, phones, computers) that can be locked by builds. If a build requires an external resource ...

Issues · Releases · Dependencies

May 2, 2024 · These vulnerabilities allow attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute ...