Skip to main content

Jenkins Zowe Zdevops Plugin

2 CVEs product

Monthly

CVE-2026-57307 MEDIUM This Month

A missing permission check in Jenkins Zowe zDevOps Plugin 1.1.3.50.ve350c9b_450b_1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

Jenkins Jenkins Zowe Zdevops Plugin Authentication Bypass
NVD VulDB
CVSS 3.1
4.2
EPSS
0.1%
CVE-2026-57306 MEDIUM This Month

A cross-site request forgery (CSRF) vulnerability in Jenkins Zowe zDevOps Plugin 1.1.3.50.ve350c9b_450b_1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

CSRF Jenkins Jenkins Zowe Zdevops Plugin
NVD VulDB
CVSS 3.1
4.2
EPSS
0.1%
EPSS 0% CVSS 4.2
MEDIUM This Month

A missing permission check in Jenkins Zowe zDevOps Plugin 1.1.3.50.ve350c9b_450b_1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

Jenkins Jenkins Zowe Zdevops Plugin Authentication Bypass
NVD VulDB
EPSS 0% CVSS 4.2
MEDIUM This Month

A cross-site request forgery (CSRF) vulnerability in Jenkins Zowe zDevOps Plugin 1.1.3.50.ve350c9b_450b_1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

CSRF Jenkins Jenkins Zowe Zdevops Plugin
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy