Skip to main content

Rpmsign Plugin

1 CVEs product

Monthly

CVE-2022-36893 Maven MEDIUM PATCH This Month

Jenkins rpmsign-plugin Plugin 0.5.0 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Rpmsign Plugin
NVD
CVSS 3.1
4.3
EPSS
0.6%
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Jenkins rpmsign-plugin Plugin 0.5.0 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Rpmsign Plugin
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy