Repository Connector@2.2.0 Security Vulnerabilities and Issues — Repository Connector@2.2.0 CVE List

Lucene search

JenkinsRepository Connector2.2.0

3 matches found

CVE•added 2022/07/27 3:15 p.m.•81 views

CVE-2022-36903

A missing permission check in Jenkins Repository Connector Plugin 2.2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

4.3CVSS4.4AI score0.00396EPSS

CVE•added 2022/06/23 5:15 p.m.•80 views

CVE-2022-34195

Jenkins Repository Connector Plugin 2.2.0 and earlier does not escape the name and description of Maven Repository Artifact parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

5.4CVSS5.2AI score0.31598EPSS

CVE•added 2022/07/27 3:15 p.m.•76 views

CVE-2022-36904

Jenkins Repository Connector Plugin 2.2.0 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.

4.3CVSS4.4AI score0.00093EPSS