11 matches found
CVE-2025-64132
Jenkins MCP Server Plugin 0.84.v50ca24ef83f2 and earlier does not perform permission checks in multiple MCP tools, allowing attackers to trigger builds and obtain information about job and cloud configuration they should not be able to access...
CVE-2025-64132
CVE-2025-64132 affects Jenkins MCP Server Plugin versions 0.84.v50ca_24ef83f2 and earlier. The root cause is missing permission checks in multiple MCP tools, allowing attackers to trigger builds and view information about jobs and cloud configuration that should be restricted. Publicly docu...
EUVD-2023-2345
Malicious code in bioql PyPI...
CVE-2022-45389
A missing permission check in Jenkins XP-Dev Plugin 1.0 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to an attacker-specified repository...
PT-2024-22305 · Jenkins · Jenkins Subversion Partial Release Manager Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins Subversion Partial Release Manager Plugin versions 1.0.1 and earlier Description: A missing permission check in the plugin allows attackers with Item/Read permission to trigger a build. Recommendations: For Jenkins Subversion Partial...
CVE-2023-30522
A missing permission check in Jenkins Fogbugz Plugin 2.2.17 and earlier allows attackers with Item/Read permission to trigger builds of jobs specified in a 'jobname' request parameter...
CVE-2022-41238
A missing permission check in Jenkins DotCi Plugin 2.40.00 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository for attacker-specified commits...
jenkins -- multiple vulnerabilities
Jenkins Security Advisory: Description Medium SECURITY-2558 / CVE-2022-20612 CSRF vulnerability in build triggers...
Moderate: Red Hat Security Advisory: Red Hat Quay v3.3.1 security update
An update is now available for Red Hat Quay 3.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...