Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Jenkins Subscribe
Filtered by product Repo
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-43415 1 Jenkins 1 Repo 2022-10-20 N/A 7.5 HIGH
Jenkins REPO Plugin 1.15.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVE-2022-30949 1 Jenkins 3 Git, Mercurial, Repo 2022-05-26 5.0 MEDIUM 5.3 MEDIUM
Jenkins REPO Plugin 1.14.0 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system using local paths as SCM URLs, obtaining limited information about other projects' SCM contents.
CVE-2022-30948 1 Jenkins 3 Git, Mercurial, Repo 2022-05-26 5.0 MEDIUM 7.5 HIGH
Jenkins Mercurial Plugin 2.16 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system using local paths as SCM URLs, obtaining limited information about other projects' SCM contents.
CVE-2022-30947 1 Jenkins 3 Git, Mercurial, Repo 2022-05-26 5.0 MEDIUM 7.5 HIGH
Jenkins Git Plugin 4.11.1 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system using local paths as SCM URLs, obtaining limited information about other projects' SCM contents.