CVE-2023-41932 - Exploiting the Jenkins Job Configuration History Plugin to Delete Arbitrary Directories
The software development world relies heavily on automation tools like Jenkins. Many teams use plugins to extend Jenkins’ features. But sometimes, a plugin exposes a
CVE-2023-41933 - How a Jenkins Plugin Exposed Your Sensitive Data via XXE Attacks
When it comes to DevOps and continuous delivery, Jenkins is one of the most popular tools out there. Its flexibility and massive plugin ecosystem make
CVE-2023-41936 - How a Tiny Flaw in Jenkins Google Login Plugin Led to a Secret-Stealing Risk
Jenkins is everywhere in DevOps. From continuous integration to managing deployment pipelines, Jenkins powers a huge chunk of modern software development. But like any big
CVE-2023-41944 - Unpacking the Jenkins AWS CodeCommit Trigger Plugin HTML Injection Vulnerability
Published: Summer 2024
Severity: Medium
Affected software: Jenkins AWS CodeCommit Trigger Plugin 3..12 and earlier
Jenkins is a popular automation server used for building,
CVE-2023-41946 - How a CSRF in Jenkins Frugal Testing Plugin Lets Attackers Steal Test Data
A serious vulnerability, CVE-2023-41946, was discovered in the Jenkins Frugal Testing Plugin (versions 1.1 and below). This plugin, meant to help developers run automated