CVE-2022-28134 log

Source
Severity Medium
Remote Yes
Type Unknown
Description
Jenkins Bitbucket Server Integration Plugin 3.1.0 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to create, view, and delete BitBucket Server consumers.
Group Package Affected Fixed Severity Status Ticket
AVG-2678 jenkins 0.0.0-1 High Not affected
References
https://www.openwall.com/lists/oss-security/2022/03/29/1
https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2640