Skip to main content

Mailer

2 CVEs product

Monthly

CVE-2020-2252 Maven MEDIUM PATCH This Month

Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Jenkins Information Disclosure Mailer
NVD
CVSS 3.1
4.8
EPSS
1.0%
CVE-2018-8718 Maven HIGH POC PATCH This Week

Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Jenkins Mailer
NVD Exploit-DB
CVSS 3.0
8.0
EPSS
6.8%
EPSS 1% CVSS 4.8
MEDIUM PATCH This Month

Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Jenkins Information Disclosure Mailer
NVD
EPSS 7% CVSS 8.0
HIGH POC PATCH This Week

Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Jenkins Mailer
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy