Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
JenkinsMaven

3 matches found

CVE
CVEadded 2019/07/31 1:15 p.m.41 views

CVE-2019-10358

Jenkins Maven Integration Plugin 3.3 and earlier did not apply build log decorators to module builds, potentially revealing sensitive build variables in the build log.

6.5CVSS6.3AI score0.00139EPSS
CVE
CVEadded 2019/12/17 3:15 p.m.41 views

CVE-2019-16549

Jenkins Maven Release Plugin 0.16.1 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks, allowing man-in-the-middle attackers to have Jenkins parse crafted XML documents.

8.1CVSS7.9AI score0.00085EPSS
CVE
CVEadded 2019/12/17 3:15 p.m.30 views

CVE-2019-16550

A cross-site request forgery vulnerability in a connection test form method in Jenkins Maven Release Plugin 0.16.1 and earlier allows attackers to have Jenkins connect to an attacker specified web server and parse XML documents.

8.8CVSS8.6AI score0.00122EPSS