Jenkins Gitlab Hook
By the Year
In 2024 there have been 0 vulnerabilities in Jenkins Gitlab Hook . Gitlab Hook did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 6.10 |
| 2019 | 0 | 0.00 |
| 2018 | 1 | 6.50 |
It may take a day or so for new Gitlab Hook vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Gitlab Hook Security Vulnerabilities
Jenkins Gitlab Hook Plugin 1.4.2 and earlier does not escape project names in the build_now endpoint
CVE-2020-2096
6.1 - Medium
- January 15, 2020
Jenkins Gitlab Hook Plugin 1.4.2 and earlier does not escape project names in the build_now endpoint, resulting in a reflected XSS vulnerability.
XSS
A exposure of sensitive information vulnerability exists in Jenkins Gitlab Hook Plugin 1.4.2 and older in gitlab_notifier.rb, views/gitlab_notifier/global.erb
CVE-2018-1000196
6.5 - Medium
- June 05, 2018
A exposure of sensitive information vulnerability exists in Jenkins Gitlab Hook Plugin 1.4.2 and older in gitlab_notifier.rb, views/gitlab_notifier/global.erb that allows attackers with local Jenkins master file system access or control of a Jenkins administrator's web browser (e.g. malicious extension) to retrieve the configured Gitlab token.
Information Disclosure
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Gitlab Hook or by Jenkins? Click the Watch button to subscribe.
