Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins build-publisher vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-41230
Jenkins Build-Publisher Plugin 1.22 and previous versions does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to obtain names and URLs of Jenkins servers that the plugin is configured to publish builds to, as well as builds pen...
Jenkins Build-publisher
NA
CVE-2022-41231
Jenkins Build-Publisher Plugin 1.22 and previous versions allows attackers with Item/Configure permission to create or replace any config.xml file on the Jenkins controller file system by providing a crafted file name to an API endpoint.
Jenkins Build-publisher
NA
CVE-2022-41232
A cross-site request forgery (CSRF) vulnerability in Jenkins Build-Publisher Plugin 1.22 and previous versions allows malicious users to replace any config.xml file on the Jenkins controller file system with an empty file by providing a crafted file name to an API endpoint.
Jenkins Build-publisher
2.1
CVSSv2
CVE-2017-1000387
Jenkins Build-Publisher plugin version 1.21 and previous versions stores credentials to other Jenkins instances in the file hudson.plugins.build_publisher.BuildPublisher.xml in the Jenkins master home directory. These credentials were stored unencrypted, allowing anyone with loca...
Jenkins Build-publisher
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started