Jenkins Recipe
By the Year
In 2023 there have been 0 vulnerabilities in Jenkins Recipe . Last year Recipe had 3 security vulnerabilities published. Right now, Recipe is on track to have less security vulnerabilities in 2023 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 0 | 0.00 |
| 2022 | 3 | 7.77 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Recipe vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Recipe Security Vulnerabilities
Missing permission checks in Jenkins Recipe Plugin 1.2 and earlier
CVE-2022-34794
6.5 - Medium
- June 30, 2022
Missing permission checks in Jenkins Recipe Plugin 1.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML.
AuthZ
Jenkins Recipe Plugin 1.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVE-2022-34793
8.8 - High
- June 30, 2022
Jenkins Recipe Plugin 1.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
XXE
A cross-site request forgery (CSRF) vulnerability in Jenkins Recipe Plugin 1.2 and earlier
CVE-2022-34792
8 - High
- June 30, 2022
A cross-site request forgery (CSRF) vulnerability in Jenkins Recipe Plugin 1.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML.
Session Riding
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Recipe or by Jenkins? Click the Watch button to subscribe.
