12 matches found
CVE-2026-57292
A cross-site request forgery CSRF vulnerability in Jenkins Gitee Plugin 1288.v18bdebc9069b and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method...
CVE-2026-57293
An incorrect permission check in Jenkins Gitee Plugin 1288.v18bdebc9069b and earlier allows attackers with global Item/Configure permission while lacking Item/Configure permission on any particular job to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2026-57291
Missing permission checks in Jenkins Gitee Plugin 1288.v18bdebc9069b and earlier allow attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method...
CVE-2026-57293
An incorrect permission check in Jenkins Gitee Plugin 1288.v18bdebc9069b and earlier allows attackers with global Item/Configure permission while lacking Item/Configure permission on any particular job to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2026-57293
CVE-2026-57293 affects the Jenkins Gitee Plugin (1288.v18b_deb_c9069b_ and earlier). The vulnerability is an incorrect permission check that lets an attacker with global Item/Configure permission, but without Item/Configure permission on any specific job, enumerate credentials IDs stored in Jenki...
EUVD-2026-38774
An incorrect permission check in Jenkins Gitee Plugin 1288.v18bdebc9069b and earlier allows attackers with global Item/Configure permission while lacking Item/Configure permission on any particular job to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2026-57291
Missing permission checks in Jenkins Gitee Plugin 1288.v18bdebc9069b and earlier allow attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method...
CVE-2026-57292
A cross-site request forgery CSRF vulnerability in Jenkins Gitee Plugin 1288.v18bdebc9069b and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method...
CVE-2026-57292
The CVE-2026-57292 entry concerns the Jenkins Gitee Plugin (affected versions include 1288.v18b_deb_c9069b_ and earlier). The vulnerability is a cross-site request forgery (CSRF) that allows an attacker to cause the plugin to connect to an attacker-specified URL using attacker-specified credentia...
CVE-2026-57291
CVE-2026-57291 affects Jenkins Gitee Plugin (version 1288.v18b_deb_c9069b_ and earlier). The issue is missing permission checks in the plugin, allowing attackers with Overall/Read permissions to connect to an attacker-controlled URL using attacker-controlled credentials IDs obtained through anoth...
EUVD-2026-38772
Missing permission checks in Jenkins Gitee Plugin 1288.v18bdebc9069b and earlier allow attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method...
EUVD-2026-38773
A cross-site request forgery CSRF vulnerability in Jenkins Gitee Plugin 1288.v18bdebc9069b and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method...