Lucene search
+L
JenkinsGithub Branch Source

5 matches found

CVE
CVE
added 2017/10/04 1:0 a.m.100 views

CVE-2017-1000087

The Connected documents confirm a vulnerability in the Jenkins GitHub Branch Source Plugin: any user with Overall/Read permission could enumerate credential IDs by accessing the job context, due to missing permission checks. The issue enables potential credential disclosure and could facilitate c...

4.3CVSS4.5AI score0.00786EPSS
CVE
CVE
added 2018/06/05 8:0 p.m.84 views

CVE-2018-1000185

The CVE-2018-1000185 entry concerns Jenkins GitHub Branch Source Plugin (versions

4.3CVSS4.5AI score0.00642EPSS
CVE
CVE
added 2024/01/24 5:52 p.m.81 views

CVE-2024-23902

CVE-2024-23902 concerns the Jenkins GitLab Branch Source Plugin, affecting versions 684.vea_fa_7c1e2fe3 and earlier. The root cause is a CSRF vulnerability: the plugin’s form validation endpoint does not require POST requests, enabling an attacker to have the user connect to an attacker-specified...

4.3CVSS4.7AI score0.00323EPSS
CVE
CVE
added 2026/04/29 1:31 p.m.27 views

CVE-2026-42522

The vulnerability CVE-2026-42522 affects Jenkins’ GitHub Branch Source Plugin (versions including 1967.vdea_d580c1a_b_a_ and earlier). The root cause is a missing permission check that permits attackers with Overall/Read to connect to an attacker-specified URL using attacker-specified GitHub App ...

4.3CVSS5.2AI score0.00184EPSS
CVE
CVE
added 2026/06/24 1:20 p.m.25 views

CVE-2026-57285

CVE-2026-57285: A missing permission check in Jenkins GitHub Branch Source Plugin (versions 1967.1969.v205fd594c821 and earlier) allows users with Overall/Read permission to obtain the URLs of GitHub Enterprise servers configured in the global plugin configuration. Affected component: Jenkins Git...

4.3CVSS5.9AI score0.00216EPSS