Jenkins GitLab Branch Source Plugin 684.vea_fa_7c1e2fe3 and previous versions unconditionally discovers projects that are shared with the configured owner group, allowing malicious users to configure and share a project, resulting in a crafted Pipeline being built by Jenkins during the next scan of the group.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jenkins github branch source |