Jenkins Dynamic Extended Choice Parameter

Do you want an email whenever new security vulnerabilities are reported in Jenkins Dynamic Extended Choice Parameter?

By the Year

In 2023 there have been 0 vulnerabilities in Jenkins Dynamic Extended Choice Parameter . Last year Dynamic Extended Choice Parameter had 2 security vulnerabilities published. Right now, Dynamic Extended Choice Parameter is on track to have less security vulnerabilities in 2023 than it did last year.

Year	Vulnerabilities	Average Score
2023	0	0.00
2022	2	5.40
2021	0	0.00
2020	1	4.30
2019	0	0.00
2018	0	0.00

It may take a day or so for new Dynamic Extended Choice Parameter vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Jenkins Dynamic Extended Choice Parameter Security Vulnerabilities

Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape several fields of Moded Extended Choice parameters

CVE-2022-36902 5.4 - Medium - July 27, 2022

Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape several fields of Moded Extended Choice parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

XSS

Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape the name and description of Moded Extended Choice parameters on views displaying parameters

CVE-2022-34186 5.4 - Medium - June 23, 2022

Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape the name and description of Moded Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

XSS

Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it

CVE-2020-2124 4.3 - Medium - February 12, 2020

Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.

Insufficiently Protected Credentials

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Jenkins Dynamic Extended Choice Parameter or by Jenkins? Click the Watch button to subscribe.

Jenkins
Vendor

Jenkins Dynamic Extended Choice Parameter
Product

Jenkins Dynamic Extended Choice Parameter

By the Year

Recent Jenkins Dynamic Extended Choice Parameter Security Vulnerabilities

Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape several fields of Moded Extended Choice parameters CVE-2022-36902 5.4 - Medium - July 27, 2022

Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape the name and description of Moded Extended Choice parameters on views displaying parameters CVE-2022-34186 5.4 - Medium - June 23, 2022

Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it CVE-2020-2124 4.3 - Medium - February 12, 2020