Extended Choice Parameter Jenkins Extended Choice Parameter

  1. Vendors
  2. Jenkins
  3. Extended Choice Parameter
Do you want an email whenever new security vulnerabilities are reported in Jenkins Extended Choice Parameter?

By the Year

In 2023 there have been 0 vulnerabilities in Jenkins Extended Choice Parameter . Last year Extended Choice Parameter had 5 security vulnerabilities published. Right now, Extended Choice Parameter is on track to have less security vulnerabilities in 2023 than it did last year.

Year Vulnerabilities Average Score
2023 0 0.00
2022 5 6.08
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Extended Choice Parameter vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Jenkins Extended Choice Parameter Security Vulnerabilities

Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier does not escape the name and description of Extended Choice parameters on views displaying parameters

CVE-2022-29038 5.4 - Medium - April 12, 2022

Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier does not escape the name and description of Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

XSS

Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier

CVE-2022-27203 6.5 - Medium - March 15, 2022

Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier allows attackers with Item/Configure permission to read values from arbitrary JSON and Java properties files on the Jenkins controller.

Directory traversal

Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier does not escape the value and description of extended choice parameters of radio buttons or check boxes type

CVE-2022-27202 5.4 - Medium - March 15, 2022

Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier does not escape the value and description of extended choice parameters of radio buttons or check boxes type, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

XSS

A missing permission check in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier

CVE-2022-27205 4.3 - Medium - March 15, 2022

A missing permission check in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.

AuthZ

A cross-site request forgery vulnerability in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier

CVE-2022-27204 8.8 - High - March 15, 2022

A cross-site request forgery vulnerability in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier allows attackers to connect to an attacker-specified URL.

Session Riding

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Jenkins Extended Choice Parameter or by Jenkins? Click the Watch button to subscribe.

Jenkins
Vendor

Jenkins Extended Choice Parameter
Product

subscribe