Skip to main content

Kubernetes Continuous Deploy

4 CVEs product

Monthly

CVE-2022-27211 Maven MEDIUM This Month

A missing permission check in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Kubernetes Jenkins Kubernetes Continuous Deploy
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-27210 Maven MEDIUM This Month

A cross-site request forgery (CSRF) vulnerability in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers to connect to an attacker-specified SSH server using. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Kubernetes CSRF Jenkins Kubernetes Continuous Deploy
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-27209 Maven MEDIUM This Month

A missing permission check in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Kubernetes Jenkins Kubernetes Continuous Deploy
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-27208 Maven MEDIUM This Month

Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows users with Credentials/Create permission to read arbitrary files on the Jenkins controller. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Kubernetes Jenkins Path Traversal Kubernetes Continuous Deploy
NVD
CVSS 3.1
6.5
EPSS
1.8%
EPSS 1% CVSS 6.5
MEDIUM This Month

A missing permission check in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Kubernetes Jenkins +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A cross-site request forgery (CSRF) vulnerability in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers to connect to an attacker-specified SSH server using. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Kubernetes CSRF Jenkins +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A missing permission check in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Kubernetes Jenkins +1
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows users with Credentials/Create permission to read arbitrary files on the Jenkins controller. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Kubernetes Jenkins Path Traversal +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy