2 matches found
CVE-2024-34147
CVE-2024-34147 affects the Jenkins Telegram Bot Plugin (versions 1.4.0 and earlier). The vulnerability stems from storing the Telegram Bot token in plaintext in the global configuration file on the Jenkins controller (jenkinsci.plugins.telegrambot.TelegramBotGlobalConfiguration.xml), which can be...
Jenkins plugins Multiple Vulnerabilities (2024-05-02)
According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - High Script Security Plugin provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are...