Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
jenkins kubernetes vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2020-2309
A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins....
Jenkins Kubernetes
4
CVSSv2
CVE-2018-1999040
An exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.10.1 and earlier in KubernetesCloud.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins....
Jenkins Kubernetes
4
CVSSv2
CVE-2021-21661
Jenkins Kubernetes CLI Plugin 1.10.0 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins....
Jenkins Kubernetes
1 Github repository available
4
CVSSv2
CVE-2020-2308
A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to list global pod template names....
Jenkins Kubernetes
6.5
CVSSv2
CVE-2019-10417
Jenkins Kubernetes :: Pipeline :: Kubernetes Steps Plugin provides a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection....
Jenkins Kubernetes Pipeline
6.8
CVSSv2
CVE-2019-10468
A cross-site request forgery vulnerability in Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins....
Jenkins Kubernetes Ci
4
CVSSv2
CVE-2019-10470
A missing permission check in Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins....
Jenkins Kubernetes Ci
6.5
CVSSv2
CVE-2019-10418
Jenkins Kubernetes :: Pipeline :: Arquillian Steps Plugin provides a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection....
Jenkins Kubernetes Pipeline
4
CVSSv2
CVE-2020-2307
Jenkins Kubernetes Plugin 1.27.3 and earlier allows low-privilege users to access possibly sensitive Jenkins controller environment variables....
Jenkins Kubernetes
4
CVSSv2
CVE-2018-1000187
A exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.7.0 and older in ContainerExecDecorator.java that results in sensitive variables such as passwords being written to logs....
Jenkins Kubernetes
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-25675
CVE-2023-21072
physical
CVE-2023-28446
encryption
CVE-2023-21076
server-side request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »
Vulmon