CVE-2017-1000106

Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. Its SCM content REST API supports the pipeline creation and editing feature in Blue...

Information Disclosure

org.jenkins-ci.plugins, cloudbees-folder is vulnerable to Information Disclosure. The vulnerability exists because the library does not properly restrict the organization folder log file location, which allows an attacker to gain access to sensitive information in the system...

CVE-2023-40338

A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin display an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available. This flaw exposes information about the Jenkins controller fi...

CVE-2023-40338

Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system...

CVE-2023-40338

Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system...

CVE-2023-40338

Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier exposes the absolute path to a log file in the error message when accessing Scan Organization Folder Log without logs. This information disclosure vulnerability (CVE-2023-40338) has a confirmed fix in 6.848.ve3b_fd7839a_81 and newer; remediat...

CVE-2023-40338

Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system...

GHSA-QGJQ-M78X-4GM8 Improper Authentication in Jenkins Blue Ocean Plugin

Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. Its SCM content REST API supports the pipeline creation and editing feature in Blue...

Improper Authentication in Jenkins Blue Ocean Plugin

Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. It did not properly check the current user's authentication and authorization when...