Jenkins Project Jenkins Publish To Bitbucket Plugin vulnerabilities
3 known vulnerabilities affecting jenkins_project/jenkins_publish_to_bitbucket_plugin.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2025-64149MEDIUMCVSS 5.4≤ 0.42025-10-29
CVE-2025-64149 [MEDIUM] CWE-352 CVE-2025-64149: A cross-site request forgery (CSRF) vulnerability in Jenkins Publish to Bitbucket Plugin 0.4 and ear
A cross-site request forgery (CSRF) vulnerability in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
cvelistv5nvd
CVE-2025-64150MEDIUMCVSS 5.4≤ 0.42025-10-29
CVE-2025-64150 [MEDIUM] CWE-862 CVE-2025-64150: A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers w
A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
cvelistv5nvd
CVE-2025-64148MEDIUMCVSS 4.3≤ 0.42025-10-29
CVE-2025-64148 [MEDIUM] CWE-862 CVE-2025-64148: A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers w
A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
cvelistv5nvd