Jenkins Git Parameter
By the Year
In 2023 there have been 0 vulnerabilities in Jenkins Git Parameter . Last year Git Parameter had 1 security vulnerability published. Right now, Git Parameter is on track to have less security vulnerabilities in 2023 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2023 | 0 | 0.00 |
2022 | 1 | 5.40 |
2021 | 0 | 0.00 |
2020 | 3 | 5.40 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Git Parameter vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Git Parameter Security Vulnerabilities
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters
CVE-2022-29040
5.4 - Medium
- April 12, 2022
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
XSS
Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page
CVE-2020-2238
5.4 - Medium
- September 01, 2020
Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
XSS
Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the parameter name shown on the UI
CVE-2020-2112
5.4 - Medium
- February 12, 2020
Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the parameter name shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission.
XSS
Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the default value shown on the UI
CVE-2020-2113
5.4 - Medium
- February 12, 2020
Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the default value shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Git Parameter or by Jenkins? Click the Watch button to subscribe.
