Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins promoted builds vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-30965
Jenkins Promoted Builds (Simple) Plugin 1.9 and previous versions does not escape the name and description of Promotion Level parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure per...
Jenkins Promoted Builds
5.4
CVSSv3
CVE-2022-29049
Jenkins promoted builds Plugin 873.v6149db_d64130 and previous versions, except 3.10.1, does not validate the names of promotions defined in Job DSL, allowing attackers with Job/Configure permission to create a promotion with an unsafe name.
Jenkins Promoted Builds
5.4
CVSSv3
CVE-2022-29045
Jenkins promoted builds Plugin 873.v6149db_d64130 and previous versions, except 3.10.1, does not escape the name and description of Promoted Build parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers wi...
Jenkins Promoted Builds
4.8
CVSSv3
CVE-2022-25202
Jenkins Promoted Builds (Simple) Plugin 1.9 and previous versions does not escape the name of custom promotion levels, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission.
Jenkins Promoted Builds \\(simple\\)
4.3
CVSSv3
CVE-2021-21641
A cross-site request forgery (CSRF) vulnerability in Jenkins promoted builds Plugin 3.9 and previous versions allows malicious users to to promote builds.
Jenkins Promoted Builds
4.3
CVSSv3
CVE-2018-1000114
An improper authorization vulnerability exists in Jenkins Promoted Builds Plugin 2.31.1 and previous versions in Status.java and ManualCondition.java that allow an attacker with read access to jobs to perform promotions.
Jenkins Promoted Builds
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started