Github Branch Source Security Vulnerabilities and Issues — Github Branch Source CVE List

Lucene search

JenkinsGithub Branch Source

3 matches found

CVE•added 2017/10/05 1:29 a.m.•74 views

CVE-2017-1000087

GitHub Branch Source provides a list of applicable credential IDs to allow users configuring a job to select the one they'd like to use. This functionality did not check permissions, allowing any user with Overall/Read permission to get a list of valid credentials IDs. Those could be used as part o...

4.3CVSS4.5AI score0.00023EPSS

CVE•added 2018/06/05 8:29 p.m.•69 views

CVE-2018-1000185

A server-side request forgery vulnerability exists in Jenkins GitHub Branch Source Plugin 2.3.4 and older in Endpoint.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.

4.3CVSS4.5AI score0.00041EPSS

CVE•added 2024/01/24 6:15 p.m.•57 views

CVE-2024-23902

A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Branch Source Plugin 684.vea_fa_7c1e2fe3 and earlier allows attackers to connect to an attacker-specified URL.

4.3CVSS4.7AI score0.00048EPSS