CVE-2022-27208

Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows users with Credentials/Create permission to read arbitrary files on the Jenkins controller...

EUVD-2022-3680

Malicious code in bioql PyPI...

EUVD-2022-3862

Malicious code in bioql PyPI...

EUVD-2022-3783

Malicious code in bioql PyPI...

EUVD-2022-5292

Malicious code in bioql PyPI...

EUVD-2023-1395

Malicious code in bioql PyPI...

EUVD-2022-3821

Malicious code in bioql PyPI...

CVE-2021-21661

Jenkins Kubernetes CLI Plugin 1.10.0 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

CVE-2023-30513

Jenkins Kubernetes Plugin 3909.v1f2c633e8590 and earlier does not properly mask i.e., replace with asterisks credentials in the build log when push mode for durable task logging is enabled...

Jenkins Plugin Kubernetes 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

GHSA-V67X-GPG7-MWV3 Exposure of Sensitive Information in Jenkins Kubernetes Plugin

A exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.7.0 and older in ContainerExecDecorator.java that results in sensitive variables such as passwords being written to logs...

jenkins-2-plugins/kubernetes: Missing permission check in Kubernetes Plugin allows listing pod templates

A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to list global pod template names...

CVE-2020-2309

A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

CVE-2020-2309

A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

CVE-2020-2308

A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to list global pod template names...

Information disclosure

A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to list global pod template names...

CVE-2020-2308

A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to list global pod template names...

PT-2020-15538 · Jenkins · Jenkins Kubernetes Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Kubernetes Plugin versions 1.27.3 and earlier Jenkins Kubernetes Plugin versions prior to 1.27.4 Jenkins Kubernetes Plugin versions prior to 1.26.5 Jenkins Kubernetes Plugin versions prior to 1.25.4.1 Jenkins Kubernetes Plugin version...

CVE-2020-2121

Jenkins Google Kubernetes Engine Plugin 0.8.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...

CVE-2018-1999040

An exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.10.1 and earlier in KubernetesCloud.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins...