Jenkins Nexus Platform
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Jenkins Nexus Platform.
By the Year
In 2025 there have been 0 vulnerabilities in Jenkins Nexus Platform. Nexus Platform did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 4 | 6.83 |
It may take a day or so for new Nexus Platform vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Nexus Platform Security Vulnerabilities
CVE-2023-50769 Jenkins Nexus Platform Plugin <=3.18.0-03 RCE via missing Overall/Read perm checks
CVE-2023-50769
4.3 - Medium
- December 13, 2023
Missing permission checks in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
AuthZ
CSRF in Jenkins Nexus Platform Plug v<=3.18.0-03 allows credential exfiltration
CVE-2023-50768
8.8 - High
- December 13, 2023
A cross-site request forgery (CSRF) vulnerability in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
Session Riding
Jenkins Nexus Platform Plugin 3.18.0-03 Lacks Permission Checks for XML Parsing
CVE-2023-50767
5.4 - Medium
- December 13, 2023
Missing permission checks in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML.
AuthZ
CSRF in Jenkins Nexus Platform Plugin 3.18.0-03 parse XML response
CVE-2023-50766
8.8 - High
- December 13, 2023
A cross-site request forgery (CSRF) vulnerability in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML.
Session Riding
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Nexus Platform or by Jenkins? Click the Watch button to subscribe.
