CVE-2023-41942 - How a CSRF Flaw in Jenkins AWS CodeCommit Trigger Plugin Lets Attackers Clear SQS Queues
Jenkins is widely used for automation, and the AWS CodeCommit Trigger Plugin adds the ability to hook up AWS CodeCommit events with Jenkins jobs. But,
CVE-2023-41938 - How a CSRF Vulnerability Could Let Attackers Delete Your Disabled Jenkins Ivy Modules
If you are using Jenkins to automate builds and deployments, you may have heard about its huge plugin ecosystem. One of the popular plugins is
CVE-2023-41933 - How a Jenkins Plugin Exposed Your Sensitive Data via XXE Attacks
When it comes to DevOps and continuous delivery, Jenkins is one of the most popular tools out there. Its flexibility and massive plugin ecosystem make
CVE-2023-41932 - Exploiting the Jenkins Job Configuration History Plugin to Delete Arbitrary Directories
The software development world relies heavily on automation tools like Jenkins. Many teams use plugins to extend Jenkins’ features. But sometimes, a plugin exposes a
CVE-2023-41937 - How Attackers Steal Jenkins Credentials Via Malicious Bitbucket Webhooks (Full Technical Analysis)
When organizations integrate Jenkins with Bitbucket for continuous integration via the Bitbucket Push and Pull Request Plugin, automation saves time and effort. However, the discovery