Jenkins Cloudbees Aws Credentials
By the Year
In 2024 there have been 0 vulnerabilities in Jenkins Cloudbees Aws Credentials . Cloudbees Aws Credentials did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 2 | 6.15 |
2021 | 1 | 4.30 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Cloudbees Aws Credentials vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Cloudbees Aws Credentials Security Vulnerabilities
A missing permission check in Jenkins CloudBees AWS Credentials Plugin 189.v3551d5642995 and earlier
CVE-2022-27199
4.3 - Medium
- March 15, 2022
A missing permission check in Jenkins CloudBees AWS Credentials Plugin 189.v3551d5642995 and earlier allows attackers with Overall/Read permission to connect to an AWS service using an attacker-specified token.
AuthZ
A cross-site request forgery (CSRF) vulnerability in Jenkins CloudBees AWS Credentials Plugin 189.v3551d5642995 and earlier
CVE-2022-27198
8 - High
- March 15, 2022
A cross-site request forgery (CSRF) vulnerability in Jenkins CloudBees AWS Credentials Plugin 189.v3551d5642995 and earlier allows attackers with Overall/Read permission to connect to an AWS service using an attacker-specified token.
Session Riding
Jenkins CloudBees AWS Credentials Plugin 1.28 and earlier does not perform a permission check in a helper method for HTTP endpoints
CVE-2021-21625
4.3 - Medium
- March 18, 2021
Jenkins CloudBees AWS Credentials Plugin 1.28 and earlier does not perform a permission check in a helper method for HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs of AWS credentials stored in Jenkins in some circumstances.
AuthZ
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Cloudbees Aws Credentials or by Jenkins? Click the Watch button to subscribe.