Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-34792 | 1 Jenkins | 1 Recipe | 2022-07-08 | 6.0 MEDIUM | 8.0 HIGH |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Recipe Plugin 1.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML. | |||||
| CVE-2022-34794 | 1 Jenkins | 1 Recipe | 2022-07-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| Missing permission checks in Jenkins Recipe Plugin 1.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML. | |||||
| CVE-2022-34793 | 1 Jenkins | 1 Recipe | 2022-07-07 | 6.5 MEDIUM | 8.8 HIGH |
| Jenkins Recipe Plugin 1.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | |||||