Lucene search
Jenkins Image Tag Parameter Plugin Security Vulnerabilities
cve
Jenkins Image Tag Parameter Plugin 2.0 improperly introduces an option to opt out of SSL/TLS certificate validation when connecting to Docker registries, resulting in job configurations using Image Tag Parameters that were created before 2.0 having SSL/TLS certificate validation disabled by...
6.5CVSS
6.4AI Score
0.001EPSS
2023-04-12 06:15 PM
15
cve
Jenkins Image Tag Parameter Plugin 1.10 and earlier does not escape the name and description of Image Tag parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure...
5.4CVSS
5.2AI Score
0.001EPSS
2022-06-23 05:15 PM
63
4