3 matches found
CVE-2023-49654
Missing permission checks in Jenkins MATLAB Plugin 2.11.0 and earlier allow attackers to have Jenkins parse an XML file from the Jenkins controller file system...
CVE-2023-49654
CVE-2023-49654 affects the Jenkins MATLAB Plugin (versions 2.11.0 and earlier). The root cause is missing permission checks across several HTTP endpoints that perform related form validation and the plugin’s XML parser not being configured to prevent XML external entity (XXE) attacks. It determin...
Jenkins plugins Multiple Vulnerabilities (2023-11-29)
According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Medium Jira Plugin 3.11 and earlier does not set the appropriate context for credentials lookup, allowing the use of system-scoped...