Lucene search
K

967 matches found

NVD
NVD
added 2025/10/29 2:15 p.m.7 views

CVE-2025-64150

A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

5.4CVSS0.00222EPSS
Exploits0References2
NVD
NVD
added 2025/10/29 2:15 p.m.9 views

CVE-2025-64148

A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4.3CVSS0.00245EPSS
Exploits0References2
NVD
NVD
added 2025/10/29 2:15 p.m.5 views

CVE-2025-64149

A cross-site request forgery CSRF vulnerability in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

5.4CVSS0.00188EPSS
Exploits0References2
OSV
OSV
added 2025/10/29 2:15 p.m.3 views

CVE-2025-64150

A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

5.4CVSS5.8AI score0.00222EPSS
Exploits0References2
OSV
OSV
added 2025/10/29 2:15 p.m.5 views

CVE-2025-64149

A cross-site request forgery CSRF vulnerability in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

5.4CVSS5.7AI score0.00188EPSS
Exploits0References2
CVE
CVE
added 2025/10/29 1:29 p.m.62 views

CVE-2025-64150

The CVE-2025-64150 issue affects Jenkins Publish to Bitbucket Plugin 0.4 and earlier, where a missing permission check in an HTTP endpoint allows an attacker with Overall/Read permission to connect to an attacker‑specified URL using attacker‑specified credentials IDs. This can enable capture of c...

5.4CVSS6.2AI score0.00222EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/29 1:29 p.m.3 views

CVE-2025-64150

A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.2AI score0.00222EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/29 1:29 p.m.9 views

CVE-2025-64150

A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

0.00222EPSS
Exploits0References1
CVE
CVE
added 2025/10/29 1:29 p.m.412 views

CVE-2025-64149

CVE-2025-64149 involves the Jenkins Publish to Bitbucket Plugin (versions 0.4 and earlier) with a CSRF vulnerability via an HTTP endpoint. An attacker with Overall/Read permission can initiate requests to an attacker-controlled URL using credentials IDs obtained through other means, potentially c...

5.4CVSS6.3AI score0.00188EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/10/29 1:29 p.m.402 views

CVE-2025-64148

CVE-2025-64148: Jenkins Publish to Bitbucket Plugin 0.4 and earlier has a missing permission check that allows users with Overall/Read permission to enumerate credentials IDs stored in Jenkins. Connected advisories (Red Hat, GitHub GHSA, OSV, EUVD, NVD, etc.) corroborate the issue and impact. The...

4.3CVSS6.2AI score0.00245EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/29 1:29 p.m.2 views

CVE-2025-64148

A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

6.2AI score0.00245EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/29 1:29 p.m.3 views

CVE-2025-64149

A cross-site request forgery CSRF vulnerability in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.3AI score0.00188EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/29 1:29 p.m.16 views

CVE-2025-64148

A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

0.00245EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/29 1:29 p.m.10 views

CVE-2025-64149

A cross-site request forgery CSRF vulnerability in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

0.00188EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/29 12:0 a.m.7 views

Jenkins Publish to Bitbucket Plugin 安全漏洞

Jenkins Publish to Bitbucket Plugin is an open source automated publishing plugin for Jenkins. A security vulnerability exists in Jenkins Publish to Bitbucket Plugin version 0.4 and earlier, which stems from a lack of privilege checking and could lead to an attacker capturing credentials stored i...

5.4CVSS6.5AI score0.00222EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/29 12:0 a.m.9 views

PT-2025-44297

Name of the Vulnerable Software and Affected Versions Jenkins Publish to Bitbucket Plugin versions 0.4 and earlier Description A flaw exists in the Jenkins Publish to Bitbucket Plugin where a missing permission check allows attackers possessing Overall/Read permission to enumerate credential IDs...

4.3CVSS6.1AI score0.00245EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/10/29 12:0 a.m.17 views

PT-2025-44299

Name of the Vulnerable Software and Affected Versions Jenkins Publish to Bitbucket Plugin versions 0.4 and earlier Description A flaw exists where a missing permission check allows attackers possessing Overall/Read permission to establish a connection to a URL specified by the attacker, utilizing...

5.4CVSS6.2AI score0.00222EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/10/29 12:0 a.m.5 views

Jenkins Publish to Bitbucket Plugin 安全漏洞

Jenkins Publish to Bitbucket Plugin is an automated publishing plugin for Jenkins open source. A security vulnerability exists in Jenkins Publish to Bitbucket Plugin version 0.4 and earlier, which stems from vulnerability to a cross-site request forgery attack that could lead to the capture of...

5.4CVSS6.3AI score0.00188EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/29 12:0 a.m.4 views

PT-2025-44298

Name of the Vulnerable Software and Affected Versions Jenkins Publish to Bitbucket Plugin versions 0.4 and earlier Description A cross-site request forgery CSRF flaw exists in the Jenkins Publish to Bitbucket Plugin. This issue allows attackers to connect to a URL specified by the attacker,...

5.4CVSS6.4AI score0.00188EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/10/29 12:0 a.m.6 views

Jenkins Publish to Bitbucket Plugin 安全漏洞

Jenkins Publish to Bitbucket Plugin is an automated publishing plugin for Jenkins open source. A security vulnerability exists in Jenkins Publish to Bitbucket Plugin 0.4 and earlier versions, which stems from a lack of privilege checking and could lead an attacker to enumerate credential IDs stor...

4.3CVSS6.5AI score0.00245EPSS
Exploits0References2
Rows per page
Query Builder