Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins cloudbees cd vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2021-21647
Jenkins CloudBees CD Plugin 1.1.21 and previous versions does not perform a permission check in an HTTP endpoint, allowing attackers with Item/Read permission to schedule builds of projects without having Item/Build permission.
Jenkins Cloudbees Cd
8.1
CVSSv3
CVE-2023-46654
Jenkins CloudBees CD Plugin 1.1.32 and previous versions follows symbolic links to locations outside of the expected directory during the cleanup process of the 'CloudBees CD - Publish Artifact' post-build step, allowing attackers able to configure jobs to delete arbitr...
Jenkins Cloudbees Cd
6.5
CVSSv3
CVE-2023-46655
Jenkins CloudBees CD Plugin 1.1.32 and previous versions follows symbolic links to locations outside of the directory from which artifacts are published during the 'CloudBees CD - Publish Artifact' post-build step, allowing attackers able to configure jobs to publish ar...
Jenkins Cloudbees Cd
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started