Vulnerabilities (CVE)

Filtered by vendor Jenkins Subscribe
Filtered by product Bitbucket Branch Source
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-20619 1 Jenkins 1 Bitbucket Branch Source 2024-11-21 5.8 MEDIUM 7.1 HIGH
A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVE-2022-20618 1 Jenkins 1 Bitbucket Branch Source 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
A missing permission check in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins.