Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins deployer framework vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2022-36890
Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and previous versions does not restrict the name of files in methods implementing form validation, allowing attackers with Item/Read permission to check for the existence of an attacker-specified file path on the Jenkins controll...
Jenkins Deployer Framework
4.3
CVSSv3
CVE-2022-36891
A missing permission check in Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and previous versions allows attackers with Item/Read permission but without Deploy Now/Deploy permission to read deployment logs.
Jenkins Deployer Framework
8.8
CVSSv3
CVE-2022-36889
Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and previous versions does not restrict the application path of the applications when configuring a deployment, allowing attackers with Item/Configure permission to upload arbitrary files from the Jenkins controller file system t...
Jenkins Deployer Framework
5.4
CVSSv3
CVE-2020-2227
Jenkins Deployer Framework Plugin 1.2 and previous versions does not escape the URL displayed in the build home page, resulting in a stored cross-site scripting vulnerability.
Jenkins Deployer Framework
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started