Lucene search

K

Supporting APIs Plugin Security Vulnerabilities

cve
cve

CVE-2022-43409

Jenkins Pipeline: Supporting APIs Plugin 838.va_3a_087b_4055b and earlier does not sanitize or properly encode URLs of hyperlinks sending POST requests in build logs, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create...

5.4CVSS

5.2AI Score

0.001EPSS

2022-10-19 04:15 PM
61
4
cve
cve

CVE-2018-1000058

Jenkins Pipeline: Supporting APIs Plugin 2.17 and earlier have an arbitrary code execution due to incomplete sandbox protection: Methods related to Java deserialization like readResolve implemented in Pipeline scripts were not subject to sandbox protection, and could therefore execute arbitrary...

8.8CVSS

9.2AI Score

0.001EPSS

2018-02-09 11:29 PM
19