← Back

Orka By Macstadium

orka_by_macstadium

Vendor: Jenkins • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Jenkins
1Orka By Macstadium
Jun 17, 2026
Jul 12, 2023
N/A· v4
7.1 HIGH· v3
N/A· v2
A missing permission check in Jenkins Orka by MacStadium Plugin 1.33 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained thr...Show more
A missing permission check in Jenkins Orka by MacStadium Plugin 1.33 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.Show less
1Jenkins
1Orka By Macstadium
Jun 17, 2026
Jan 26, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Missing permission checks in Jenkins Orka by MacStadium Plugin 1.31 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtain...Show more
Missing permission checks in Jenkins Orka by MacStadium Plugin 1.31 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.Show less
1Jenkins
1Orka By Macstadium
Jun 17, 2026
Jan 26, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
A cross-site request forgery (CSRF) vulnerability in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained t...Show more
A cross-site request forgery (CSRF) vulnerability in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.Show less
1Jenkins
1Orka By Macstadium
Jun 17, 2026
Jan 26, 2023
N/A· v4
4.3 MEDIUM· v3
N/A· v2
A missing permission check in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.