967 matches found
CVE-2025-64150
A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2025-64148
A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2025-64149
A cross-site request forgery CSRF vulnerability in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2025-64150
A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2025-64149
A cross-site request forgery CSRF vulnerability in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2025-64150
The CVE-2025-64150 issue affects Jenkins Publish to Bitbucket Plugin 0.4 and earlier, where a missing permission check in an HTTP endpoint allows an attacker with Overall/Read permission to connect to an attacker‑specified URL using attacker‑specified credentials IDs. This can enable capture of c...
CVE-2025-64150
A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2025-64150
A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2025-64149
CVE-2025-64149 involves the Jenkins Publish to Bitbucket Plugin (versions 0.4 and earlier) with a CSRF vulnerability via an HTTP endpoint. An attacker with Overall/Read permission can initiate requests to an attacker-controlled URL using credentials IDs obtained through other means, potentially c...
CVE-2025-64148
CVE-2025-64148: Jenkins Publish to Bitbucket Plugin 0.4 and earlier has a missing permission check that allows users with Overall/Read permission to enumerate credentials IDs stored in Jenkins. Connected advisories (Red Hat, GitHub GHSA, OSV, EUVD, NVD, etc.) corroborate the issue and impact. The...
CVE-2025-64148
A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2025-64149
A cross-site request forgery CSRF vulnerability in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2025-64148
A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2025-64149
A cross-site request forgery CSRF vulnerability in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
Jenkins Publish to Bitbucket Plugin 安全漏洞
Jenkins Publish to Bitbucket Plugin is an open source automated publishing plugin for Jenkins. A security vulnerability exists in Jenkins Publish to Bitbucket Plugin version 0.4 and earlier, which stems from a lack of privilege checking and could lead to an attacker capturing credentials stored i...
PT-2025-44297
Name of the Vulnerable Software and Affected Versions Jenkins Publish to Bitbucket Plugin versions 0.4 and earlier Description A flaw exists in the Jenkins Publish to Bitbucket Plugin where a missing permission check allows attackers possessing Overall/Read permission to enumerate credential IDs...
PT-2025-44299
Name of the Vulnerable Software and Affected Versions Jenkins Publish to Bitbucket Plugin versions 0.4 and earlier Description A flaw exists where a missing permission check allows attackers possessing Overall/Read permission to establish a connection to a URL specified by the attacker, utilizing...
Jenkins Publish to Bitbucket Plugin 安全漏洞
Jenkins Publish to Bitbucket Plugin is an automated publishing plugin for Jenkins open source. A security vulnerability exists in Jenkins Publish to Bitbucket Plugin version 0.4 and earlier, which stems from vulnerability to a cross-site request forgery attack that could lead to the capture of...
PT-2025-44298
Name of the Vulnerable Software and Affected Versions Jenkins Publish to Bitbucket Plugin versions 0.4 and earlier Description A cross-site request forgery CSRF flaw exists in the Jenkins Publish to Bitbucket Plugin. This issue allows attackers to connect to a URL specified by the attacker,...
Jenkins Publish to Bitbucket Plugin 安全漏洞
Jenkins Publish to Bitbucket Plugin is an automated publishing plugin for Jenkins open source. A security vulnerability exists in Jenkins Publish to Bitbucket Plugin 0.4 and earlier versions, which stems from a lack of privilege checking and could lead an attacker to enumerate credential IDs stor...