Jenkins, the widely adopted open-source automation server central to CI/CD pipelines, has disclosed four critical security vulnerabilities enabling unauthorized secret disclosure, cross-site request forgery (CSRF), and open redirect attacks. These flaws, patched in versions 2.500 (weekly) and 2.492.2 (LTS), affect earlier releases, including Jenkins 2.499 and LTS 2.492.1. Potential impacts range from credential theft to […]
The post Multiple Jenkins Vulnerability Let Attackers Expose Secrets appeared first on Cyber Security News.
This article has been indexed from Cyber Security News