6 matches found
EUVD-2022-5509
Malicious code in bioql PyPI...
CloudBees Jenkins GitHub Branch Source Plugin Server-Side Request Forgery Vulnerability
CloudBees Jenkins is a set of Java-based continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . GitHub Branch Source Plugin is used in one of the Jenkins used to view, operate the...
CVE-2018-1000185
A server-side request forgery vulnerability exists in Jenkins GitHub Branch Source Plugin 2.3.4 and older in Endpoint.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL...
CVE-2018-1000185
A server-side request forgery vulnerability exists in Jenkins GitHub Branch Source Plugin 2.3.4 and older in Endpoint.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL...
CVE-2017-1000091
GitHub Branch Source Plugin connects to a user-specified GitHub API URL e.g. GitHub Enterprise as part of form validation and completion e.g. to verify Scan Credentials are correct. This functionality improperly checked permissions, allowing any user with Overall/Read access to Jenkins to connect...
CVE-2017-1000091
GitHub Branch Source Plugin connects to a user-specified GitHub API URL e.g. GitHub Enterprise as part of form validation and completion e.g. to verify Scan Credentials are correct. This functionality improperly checked permissions, allowing any user with Overall/Read access to Jenkins to connect...