CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jenkins: >> Bitbucket Branch Source Security Vulnerabilities

CVE-2022-20619

A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

CVSS Score

7.1

EPSS Score

0.002

Published

2022-01-12

CVE-2022-20618

A missing permission check in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins.

CVSS Score

4.3

EPSS Score

0.023

Published

2022-01-12

Page 1

Vulnerabilities

Vulnerable Software

Jenkins: >> Bitbucket Branch Source Security Vulnerabilities

Products

Pricing

Contact Us