Jenkins Project Jenkins Bitbucket Branch Source Plugin vulnerabilities
3 known vulnerabilities affecting jenkins_project/jenkins_bitbucket_branch_source_plugin.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2024-39460MEDIUMCVSS 4.3≤ 886.v44cf5e4ecec52024-06-26
CVE-2024-39460 [MEDIUM] CWE-532 CVE-2024-39460: Jenkins Bitbucket Branch Source Plugin 886.v44cf5e4ecec5 and earlier prints the Bitbucket OAuth acce
Jenkins Bitbucket Branch Source Plugin 886.v44cf5e4ecec5 and earlier prints the Bitbucket OAuth access token as part of the Bitbucket URL in the build log in some cases.
cvelistv5nvd
CVE-2022-20619HIGHCVSS 7.1≥ unspecified, ≤ 737.vdf9dc06105be2022-01-12
CVE-2022-20619 [HIGH] CWE-352 CVE-2022-20619: A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket Branch Source Plugin 737.vdf9
A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
cvelistv5nvd
CVE-2022-20618MEDIUMCVSS 4.3≥ unspecified, ≤ 737.vdf9dc06105be2022-01-12
CVE-2022-20618 [MEDIUM] CWE-862 CVE-2022-20618: A missing permission check in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier a
A missing permission check in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins.
cvelistv5nvd