Product
jenkins github branch source
7 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-42522
CVE-2024-23903
CVE-2024-23902
CVE-2024-23901
CVE-2018-1000185
CVE-2017-1000091
CVE-2017-1000087
<= 1967.vdea_d580c1a_b_a
A missing permission check in Jenkins GitHub Branch Source Plugin 1967.vdea_d580c1a_b_a_ and earlier allows attackers with Overall
<= 684.vea_fa_7c1e2fe3
Jenkins GitLab Branch Source Plugin 684.vea_fa_7c1e2fe3 and earlier uses a non-constant time comparison function when checking whe
<= 684.vea_fa_7c1e2fe3
A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Branch Source Plugin 684.vea_fa_7c1e2fe3 and earlier allows at
<= 684.vea_fa_7c1e2fe3
Jenkins GitLab Branch Source Plugin 684.vea_fa_7c1e2fe3 and earlier unconditionally discovers projects that are shared with the co
<= 2.3.4
A server-side request forgery vulnerability exists in Jenkins GitHub Branch Source Plugin 2.3.4 and older in Endpoint.java that al
all versions
GitHub Branch Source Plugin connects to a user-specified GitHub API URL (e.g. GitHub Enterprise) as part of form validation and co
<= 2.0.7
GitHub Branch Source provides a list of applicable credential IDs to allow users configuring a job to select the one they'd like t