Jenkins Bitbucket Push Pull Request
By the Year
In 2023 there have been 1 vulnerability in Jenkins Bitbucket Push Pull Request with an average score of 7.5 out of ten. Bitbucket Push Pull Request did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2023 as compared to last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2023 | 1 | 7.50 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Bitbucket Push Pull Request vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Bitbucket Push Pull Request Security Vulnerabilities
Jenkins Bitbucket Push and Pull Request Plugin 2.4.0 through 2.8.3 (both inclusive) trusts values provided in the webhook payload, including certain URLs, and uses configured Bitbucket credentials to connect to those URLs
CVE-2023-41937
7.5 - High
- September 06, 2023
Jenkins Bitbucket Push and Pull Request Plugin 2.4.0 through 2.8.3 (both inclusive) trusts values provided in the webhook payload, including certain URLs, and uses configured Bitbucket credentials to connect to those URLs, allowing attackers to capture Bitbucket credentials stored in Jenkins by sending a crafted webhook payload.
XSPA
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Bitbucket Push Pull Request or by Jenkins? Click the Watch button to subscribe.
