CVE-2023-4302 - How a Missing Permission Check in Jenkins Fortify Plugin Exposes Your Credentials
Jenkins is a widely used automation server in software development. It manages building, testing, and deployment tasks with the help of plugins. But even the
CVE-2023-4303 - Exploiting HTML Injection in Jenkins Fortify Plugin (22.1.38 and Earlier)
A critical security vulnerability—tracked as CVE-2023-4303—was discovered in the Jenkins Fortify Plugin, versions 22.1.38 and earlier. This bug allows attackers to
CVE-2023-4301 - Exploiting CSRF in Jenkins Fortify Plugin to Steal Credentials
CVE-2023-4301 describes a critical security weakness in the Jenkins Fortify Plugin (versions 22.1.38 and earlier). This vulnerability makes it possible for an attacker
CVE-2023-40338 - Jenkins Folders Plugin File Path Disclosure Exploit Explained
If you’re using Jenkins for continuous integration (CI/CD), you likely depend on plugins to extend its core functionality. But plugins can sometimes introduce
CVE-2023-40344 - How a Simple Permission Check Failure in Jenkins Delphix Plugin Exposes Credential IDs
In the fast-moving world of DevOps, Jenkins plugins play a big role in extending core functionality. But sometimes, even a small oversight in plugin code
Episode
00:00:00
00:00:00