CVE-2023-24425

Jenkins Kubernetes Credentials Provider Plugin 1.208.v128ee9800c04 and earlier does not set the appropriate context for Kubernetes credentials lookup, allowing attackers with Item/Configure permission to access and potentially capture Kubernetes credentials they are not entitled to...

Jenkins Plugin Kubernetes Credentials Provider 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. Jenkins Plugin A security...

CVE-2023-24425

Jenkins Kubernetes Credentials Provider Plugin 1.208.v128ee9800c04 and earlier does not set the appropriate context for Kubernetes credentials lookup, allowing attackers with Item/Configure permission to access and potentially capture Kubernetes credentials they are not entitled to...

PT-2022-20407 · Jenkins · Blue Ocean Credentials Provider +2

Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline SCM API for Blue Ocean Plugin versions 1.25.3 and earlier Description: The issue allows attackers with Job/Configure permission to access credentials with attacker-specified IDs stored in the private per-user credentials stor...