Skip to main content

Repo

2 CVEs product

Monthly

CVE-2022-43415 Maven HIGH PATCH This Week

Jenkins REPO Plugin 1.15.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Jenkins Repo
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-30949 Maven MEDIUM PATCH This Month

Jenkins REPO Plugin 1.14.0 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system using local paths as SCM URLs,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Repo
NVD
CVSS 3.1
5.3
EPSS
1.0%
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Jenkins REPO Plugin 1.15.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Jenkins Repo
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Jenkins REPO Plugin 1.14.0 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system using local paths as SCM URLs,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Repo
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy