org.jenkins-ci.plugins:bitbucket-oauth (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.jenkins-ci.plugins:bitbucket-oauth, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2019-10460 — CVSS 7.8 (high): Jenkins Bitbucket OAuth Plugin 0.9 and earlier stored credentials unencrypted in the global config.xml configuration file on the Jenkins…
CVE-2023-24428 — CVSS 5.7 (medium): A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket OAuth Plugin 0.12 and earlier allows attackers to trick users into…