Jenkins Assembla Auth
By the Year
In 2024 there have been 0 vulnerabilities in Jenkins Assembla Auth . Last year Assembla Auth had 1 security vulnerability published. Right now, Assembla Auth is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 1 | 8.80 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 1 | 8.80 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Assembla Auth vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Assembla Auth Security Vulnerabilities
Jenkins Assembla Auth Plugin 1.14 and earlier does not verify
CVE-2023-41945
8.8 - High
- September 06, 2023
Jenkins Assembla Auth Plugin 1.14 and earlier does not verify that the permissions it grants are enabled, resulting in users with EDIT permissions to be granted Overall/Manage and Overall/SystemRead permissions, even if those permissions are disabled and should not be granted.
AuthZ
Jenkins Assembla Auth Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they
CVE-2019-10280
8.8 - High
- April 04, 2019
Jenkins Assembla Auth Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
Insufficiently Protected Credentials
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Assembla Auth or by Jenkins? Click the Watch button to subscribe.
