Mailer Jenkins Mailer

Do you want an email whenever new security vulnerabilities are reported in Jenkins Mailer?

By the Year

In 2024 there have been 0 vulnerabilities in Jenkins Mailer . Mailer did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 2 4.30
2021 0 0.00
2020 1 4.80
2019 0 0.00
2018 1 8.00

It may take a day or so for new Mailer vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Jenkins Mailer Security Vulnerabilities

A missing permission check in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier

CVE-2022-20614 4.3 - Medium - January 12, 2022

A missing permission check in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attackers with Overall/Read access to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname.

AuthZ

A cross-site request forgery (CSRF) vulnerability in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier

CVE-2022-20613 4.3 - Medium - January 12, 2022

A cross-site request forgery (CSRF) vulnerability in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attackers to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname.

Session Riding

Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server.

CVE-2020-2252 4.8 - Medium - September 16, 2020

Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server.

Improper Certificate Validation

Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111

CVE-2018-8718 8 - High - March 27, 2018

Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request.

Session Riding

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Jenkins Mailer or by Jenkins? Click the Watch button to subscribe.

Jenkins
Vendor

subscribe