Skip to main content

Urltrigger

2 CVEs product

Monthly

CVE-2021-21659 Maven HIGH PATCH This Week

Jenkins URLTrigger Plugin 0.48 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XXE Urltrigger
NVD
CVSS 3.1
8.1
EPSS
66.8%
CVE-2018-1000606 Maven MEDIUM PATCH This Month

A server-side request forgery vulnerability exists in Jenkins URLTrigger Plugin 0.41 and earlier in URLTrigger.java that allows attackers with Overall/Read access to cause Jenkins to send a GET. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Jenkins SSRF Urltrigger
NVD
CVSS 3.0
6.5
EPSS
0.7%
EPSS 67% CVSS 8.1
HIGH PATCH This Week

Jenkins URLTrigger Plugin 0.48 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XXE Urltrigger
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

A server-side request forgery vulnerability exists in Jenkins URLTrigger Plugin 0.41 and earlier in URLTrigger.java that allows attackers with Overall/Read access to cause Jenkins to send a GET. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Jenkins SSRF +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy