Lucene search
K

36 matches found

CVE
CVE
added 2025/10/29 1:29 p.m.62 views

CVE-2025-64150

The CVE-2025-64150 issue affects Jenkins Publish to Bitbucket Plugin 0.4 and earlier, where a missing permission check in an HTTP endpoint allows an attacker with Overall/Read permission to connect to an attacker‑specified URL using attacker‑specified credentials IDs. This can enable capture of c...

5.4CVSS6.2AI score0.00222EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/10/29 1:29 p.m.8 views

CVE-2025-64150

A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

0.00222EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/29 1:29 p.m.3 views

CVE-2025-64150

A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.2AI score0.00222EPSS
Exploits0References1
CVE
CVE
added 2025/10/29 1:29 p.m.412 views

CVE-2025-64149

CVE-2025-64149 involves the Jenkins Publish to Bitbucket Plugin (versions 0.4 and earlier) with a CSRF vulnerability via an HTTP endpoint. An attacker with Overall/Read permission can initiate requests to an attacker-controlled URL using credentials IDs obtained through other means, potentially c...

5.4CVSS6.3AI score0.00188EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/29 1:29 p.m.2 views

CVE-2025-64148

A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

6.2AI score0.00245EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/29 1:29 p.m.14 views

CVE-2025-64148

A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

0.00245EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/29 12:0 a.m.9 views

PT-2025-44297

Name of the Vulnerable Software and Affected Versions Jenkins Publish to Bitbucket Plugin versions 0.4 and earlier Description A flaw exists in the Jenkins Publish to Bitbucket Plugin where a missing permission check allows attackers possessing Overall/Read permission to enumerate credential IDs...

4.3CVSS6.1AI score0.00245EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/10/29 12:0 a.m.5 views

Jenkins Publish to Bitbucket Plugin 安全漏洞

Jenkins Publish to Bitbucket Plugin is an automated publishing plugin for Jenkins open source. A security vulnerability exists in Jenkins Publish to Bitbucket Plugin version 0.4 and earlier, which stems from vulnerability to a cross-site request forgery attack that could lead to the capture of...

5.4CVSS6.3AI score0.00188EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/29 12:0 a.m.5 views

Jenkins Publish to Bitbucket Plugin 安全漏洞

Jenkins Publish to Bitbucket Plugin is an automated publishing plugin for Jenkins open source. A security vulnerability exists in Jenkins Publish to Bitbucket Plugin 0.4 and earlier versions, which stems from a lack of privilege checking and could lead an attacker to enumerate credential IDs stor...

4.3CVSS6.5AI score0.00245EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/29 12:0 a.m.8 views

PT-2025-44299

Name of the Vulnerable Software and Affected Versions Jenkins Publish to Bitbucket Plugin versions 0.4 and earlier Description A flaw exists where a missing permission check allows attackers possessing Overall/Read permission to establish a connection to a URL specified by the attacker, utilizing...

5.4CVSS6.2AI score0.00222EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2017-8031

Malware in sbrugna...

8.5CVSS8.6AI score0.00591EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2022-0711

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00852EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2024-2206

Malicious code in bioql PyPI...

4.3CVSS4.5AI score0.00489EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-0958

Malicious code in bioql PyPI...

6.3CVSS6.4AI score0.00556EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 4:18 a.m.9 views

CVE-2023-41937

Jenkins Bitbucket Push and Pull Request Plugin 2.4.0 through 2.8.3 both inclusive trusts values provided in the webhook payload, including certain URLs, and uses configured Bitbucket credentials to connect to those URLs, allowing attackers to capture Bitbucket credentials stored in Jenkins by...

7.5CVSS6.5AI score0.00566EPSS
Exploits0
OSV
OSV
added 2023/09/06 1:15 p.m.5 views

CVE-2023-41937

Jenkins Bitbucket Push and Pull Request Plugin 2.4.0 through 2.8.3 both inclusive trusts values provided in the webhook payload, including certain URLs, and uses configured Bitbucket credentials to connect to those URLs, allowing attackers to capture Bitbucket credentials stored in Jenkins by...

7.5CVSS5.8AI score0.00566EPSS
Exploits0References2
Rows per page
Query Builder