CVE-2023-41934 - How Jenkins Pipeline Maven Integration Plugin Leaked Usernames in Build Logs (with PoC)
If you rely on Jenkins and use the Pipeline Maven Integration Plugin, you may be exposing sensitive usernames in your build logs, even if you
CVE-2023-41935 - Exploiting Timing Attacks in Jenkins Azure AD Plugin (396.v86ce29279947 and Earlier)
Jenkins is a widely used automation server for building, testing, and deploying software projects. With countless plugins for integration, security is always a top concern.
CVE-2023-41931 - Exploiting Jenkins Job Configuration History Plugin XSS Vulnerability (Detailed Walkthrough)
Jenkins is one of the most widely used open-source automation servers for continuous integration and continuous delivery (CI/CD). Plugins expand Jenkins features but sometimes
CVE-2023-41930 - Exploiting the Jenkins Job Configuration History Plugin (1227.v7a_79fc4dc01f and Earlier)
In September 2023, Jenkins revealed an important security vulnerability affecting its Job Configuration History Plugin. Identified as CVE-2023-41930, this vulnerability opens the doors for attackers
CVE-2023-41932 - Exploiting the Jenkins Job Configuration History Plugin to Delete Arbitrary Directories
The software development world relies heavily on automation tools like Jenkins. Many teams use plugins to extend Jenkins’ features. But sometimes, a plugin exposes a