Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins subversion vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-34148
Jenkins Subversion Partial Release Manager Plugin 1.0.1 and previous versions programmatically disables the fix for CVE-2016-3721 whenever a build is triggered from a release tag, by setting the Java system property 'hudson.model.ParametersAction.keepUndefinedParameters'...
NA
CVE-2024-28158
A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and previous versions allows malicious users to trigger a build.
NA
CVE-2024-28159
A missing permission check in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and previous versions allows attackers with Item/Read permission to trigger a build.
5.4
CVSSv3
CVE-2022-29046
Jenkins Subversion Plugin 2.15.3 and previous versions does not escape the name and description of List Subversion tags (and more) parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configur...
Jenkins Subversion
Apple Macos
4.3
CVSSv3
CVE-2022-29048
A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Plugin 2.15.3 and previous versions allows malicious users to connect to an attacker-specified URL.
Jenkins Subversion
Apple Macos
7.5
CVSSv3
CVE-2021-21698
Jenkins Subversion Plugin 2.15.0 and previous versions does not restrict the name of a file when looking up a subversion key file on the controller from an agent.
Jenkins Subversion
6.5
CVSSv3
CVE-2020-2304
Jenkins Subversion Plugin 2.13.1 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Subversion
6.1
CVSSv3
CVE-2020-2199
Jenkins Subversion Partial Release Manager Plugin 1.0.1 and previous versions does not escape the error message for the repository URL field form validation, resulting in a reflected cross-site scripting vulnerability.
Jenkins Subversion Partial Release Manager
6.1
CVSSv3
CVE-2020-2152
Jenkins Subversion Release Manager Plugin 1.2 and previous versions does not escape the error message for the Repository URL field form validation, resulting in a reflected cross-site scripting vulnerability.
Jenkins Subversion Release Manager
5.4
CVSSv3
CVE-2020-2111
Jenkins Subversion Plugin 2.13.0 and previous versions does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability.
Jenkins Subversion
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »