Skip to main content

Bitbucket Branch Source

2 CVEs product

Monthly

CVE-2024-39460 Maven MEDIUM PATCH This Month

Jenkins Bitbucket Branch Source Plugin 886.v44cf5e4ecec5 and earlier prints the Bitbucket OAuth access token as part of the Bitbucket URL in the build log in some cases. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Jenkins Bitbucket Branch Source
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-28152 Maven MEDIUM PATCH This Month

In Jenkins Bitbucket Branch Source Plugin 866.vdea_7dcd3008e and earlier, except 848.850.v6a_a_2a_234a_c81, when discovering pull requests from forks, the trust policy "Forks in the same account". Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Jenkins Bitbucket Branch Source
NVD
CVSS 3.1
6.3
EPSS
0.6%
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Jenkins Bitbucket Branch Source Plugin 886.v44cf5e4ecec5 and earlier prints the Bitbucket OAuth access token as part of the Bitbucket URL in the build log in some cases. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Jenkins Bitbucket Branch Source
NVD
EPSS 1% CVSS 6.3
MEDIUM PATCH This Month

In Jenkins Bitbucket Branch Source Plugin 866.vdea_7dcd3008e and earlier, except 848.850.v6a_a_2a_234a_c81, when discovering pull requests from forks, the trust policy "Forks in the same account". Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Jenkins Bitbucket Branch Source
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy