Skip to main content

Image Tag Parameter

2 CVEs product

Monthly

CVE-2023-30516 Maven MEDIUM This Month

Jenkins Image Tag Parameter Plugin 2.0 improperly introduces an option to opt out of SSL/TLS certificate validation when connecting to Docker registries, resulting in job configurations using Image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Docker Image Tag Parameter
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-34189 Maven MEDIUM This Month

Jenkins Image Tag Parameter Plugin 1.10 and earlier does not escape the name and description of Image Tag parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Image Tag Parameter
NVD
CVSS 3.1
5.4
EPSS
0.6%
EPSS 0% CVSS 6.5
MEDIUM This Month

Jenkins Image Tag Parameter Plugin 2.0 improperly introduces an option to opt out of SSL/TLS certificate validation when connecting to Docker registries, resulting in job configurations using Image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Docker +1
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Jenkins Image Tag Parameter Plugin 1.10 and earlier does not escape the name and description of Image Tag parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Image Tag Parameter
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy