4 matches found
CVE-2022-34208
A missing permission check in Jenkins Beaker builder Plugin 1.10 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...
PT-2022-22077 Β· Jenkins Β· Jenkins Beaker Builder PluginΒ +1
Name of the Vulnerable Software and Affected Versions: Jenkins Beaker builder Plugin versions 1.10 and earlier Description: A cross-site request forgery CSRF issue allows attackers to connect to an attacker-specified URL. This can be exploited by attackers to perform unauthorized actions...
CVE-2019-10398
Jenkins Beaker Builder Plugin 1.9 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...
PT-2019-11792 Β· Jenkins Β· Jenkins Beaker Builder PluginΒ +1
Name of the Vulnerable Software and Affected Versions: Jenkins Beaker Builder Plugin versions 1.9 and earlier Description: The issue concerns the storage of credentials in the Jenkins Beaker Builder Plugin. Specifically, the plugin stored credentials unencrypted in its global configuration file o...