36 matches found
CVE-2025-64150
The CVE-2025-64150 issue affects Jenkins Publish to Bitbucket Plugin 0.4 and earlier, where a missing permission check in an HTTP endpoint allows an attacker with Overall/Read permission to connect to an attacker‑specified URL using attacker‑specified credentials IDs. This can enable capture of c...
CVE-2025-64150
A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2025-64150
A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2025-64149
CVE-2025-64149 involves the Jenkins Publish to Bitbucket Plugin (versions 0.4 and earlier) with a CSRF vulnerability via an HTTP endpoint. An attacker with Overall/Read permission can initiate requests to an attacker-controlled URL using credentials IDs obtained through other means, potentially c...
CVE-2025-64148
A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2025-64148
A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
PT-2025-44297
Name of the Vulnerable Software and Affected Versions Jenkins Publish to Bitbucket Plugin versions 0.4 and earlier Description A flaw exists in the Jenkins Publish to Bitbucket Plugin where a missing permission check allows attackers possessing Overall/Read permission to enumerate credential IDs...
Jenkins Publish to Bitbucket Plugin 安全漏洞
Jenkins Publish to Bitbucket Plugin is an automated publishing plugin for Jenkins open source. A security vulnerability exists in Jenkins Publish to Bitbucket Plugin version 0.4 and earlier, which stems from vulnerability to a cross-site request forgery attack that could lead to the capture of...
Jenkins Publish to Bitbucket Plugin 安全漏洞
Jenkins Publish to Bitbucket Plugin is an automated publishing plugin for Jenkins open source. A security vulnerability exists in Jenkins Publish to Bitbucket Plugin 0.4 and earlier versions, which stems from a lack of privilege checking and could lead an attacker to enumerate credential IDs stor...
PT-2025-44299
Name of the Vulnerable Software and Affected Versions Jenkins Publish to Bitbucket Plugin versions 0.4 and earlier Description A flaw exists where a missing permission check allows attackers possessing Overall/Read permission to establish a connection to a URL specified by the attacker, utilizing...
EUVD-2017-8031
Malware in sbrugna...
EUVD-2022-0711
Malicious code in bioql PyPI...
EUVD-2024-2206
Malicious code in bioql PyPI...
EUVD-2024-0958
Malicious code in bioql PyPI...
CVE-2023-41937
Jenkins Bitbucket Push and Pull Request Plugin 2.4.0 through 2.8.3 both inclusive trusts values provided in the webhook payload, including certain URLs, and uses configured Bitbucket credentials to connect to those URLs, allowing attackers to capture Bitbucket credentials stored in Jenkins by...
CVE-2023-41937
Jenkins Bitbucket Push and Pull Request Plugin 2.4.0 through 2.8.3 both inclusive trusts values provided in the webhook payload, including certain URLs, and uses configured Bitbucket credentials to connect to those URLs, allowing attackers to capture Bitbucket credentials stored in Jenkins by...