105 matches found
CVE-2024-39460
Jenkins Bitbucket Branch Source Plugin 886.v44cf5e4ecec5 and earlier prints the Bitbucket OAuth access token as part of the Bitbucket URL in the build log in some cases...
CVE-2024-39460
Summary: CVE-2024-39460 affects Jenkins Bitbucket Branch Source Plugin 886.v44cf5e4ecec5 and earlier. In certain cases it prints the Bitbucket OAuth access token as part of the Bitbucket URL in the build log, exposing credentials. The OSV entry notes that plugin 887.va_d359b_3d2d8d does not inclu...
[SECURITY] Fedora 39 Update: rust-gst-plugin-reqwest-0.12.4-2.fc39
GStreamer reqwest HTTP Source Plugin...
[SECURITY] Fedora 40 Update: rust-gst-plugin-reqwest-0.12.4-2.fc40
GStreamer reqwest HTTP Source Plugin...
fastify session security vulnerability
fastify session is an open source plugin for fastify. A security vulnerability exists in fastify session version 10.8.0 and earlier that stems from the reuse of a corrupted session cookie...
GHSA-JV32-5578-PXJC Grafana Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins
Today we are releasing Grafana 9.2. Alongside new features and other bug fixes, this release includes a Moderate severity security fix for CVE-2022-31130. We are also releasing security patches for Grafana 9.1.8 and Grafana 8.5.14 to fix these issues. Release 9.2, latest release, also...
Fedora: Security Advisory for maven-source-plugin (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the...
[SECURITY] Fedora 40 Update: maven-source-plugin-3.3.0-6.fc40
The Maven Source Plugin creates a JAR archive of the source files of the current project...
Jenkins Bitbucket Branch Source Plugin has incorrect trust policy behavior for pull requests
In Jenkins Bitbucket Branch Source Plugin 866.vdea7dcd3008e and earlier, except 848.850.v6aa2a234ac81, when discovering pull requests from forks, the trust policy "Forks in the same account" allows changes to Jenkinsfiles from users without write access to the project when using Bitbucket Server...
CVE-2024-28152
In Jenkins Bitbucket Branch Source Plugin 866.vdea7dcd3008e and earlier, except 848.850.v6aa2a234ac81, when discovering pull requests from forks, the trust policy "Forks in the same account" allows changes to Jenkinsfiles from users without write access to the project when using Bitbucket Server...
Design/Logic Flaw
In Jenkins Bitbucket Branch Source Plugin 866.vdea7dcd3008e and earlier, except 848.850.v6aa2a234ac81, when discovering pull requests from forks, the trust policy "Forks in the same account" allows changes to Jenkinsfiles from users without write access to the project when using Bitbucket Server...
CVE-2024-28152
CVE-2024-28152 affects the Jenkins Bitbucket Branch Source Plugin (866.vdea_7dcd3008e and earlier, excluding 848.850.v6a_a_2a_234a_c81). The root cause is a misconfigured trust policy for pull requests from forks, where the policy "Forks in the same account" can allow changes to Jenkinsfiles from...
Grafana Security Vulnerabilities
Grafana is an open source set of monitoring tools that provide a visual monitoring interface. The tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus. Grafana has a security vulnerability that stems from inadequate sanitization of path parameters provided by...
A vulnerability in the Jenkins GitLab Branch Source Plugin, related to access control deficiencies, allows attackers to configure and jointly use arbitrary projects.
A vulnerability in the Jenkins GitLab Branch Source Plugin is related to access control deficiencies. Exploiting this vulnerability allows a malicious actor to configure and jointly use arbitrary projects...
A vulnerability in the Jenkins GitLab Branch Source Plugin, related to deficiencies in authentication procedures, allows attackers to gain unauthorized access to confidential information.
A vulnerability in the Jenkins GitLab Branch Source Plugin is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to confidential information...
A vulnerability in the Jenkins GitLab Branch Source Plugin, related to the manipulation of cross-site requests, allows an attacker to perform CSRF attacks.
A vulnerability in the Jenkins GitLab Branch Source Plugin is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack remotely...