CVE-2025-64148 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of…
Medium CVSS: 4.3

CVE-2025-64148

A missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
Vendor
Jenkins
Product
Publish To Bitbucket
CWE
CWE-862
Yayın Tarihi
2025-10-29 14:15:59
Güncelleme
2025-11-04 22:16:41
Source Identifier
jenkinsci-cert@googlegroups.com
KEV Date Added
-

Kategoriler

CWE-862 Publish To Bitbucket MEDIUM Jenkins 2025

Referanslar

https://www.jenkins.io/security/advisory/2025-10-29/#SECURITY-3570 http://www.openwall.com/lists/oss-security/2025/10/29/2