Jenkins Storable Configs
By the Year
In 2024 there have been 0 vulnerabilities in Jenkins Storable Configs . Storable Configs did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 1 | 8.80 |
2021 | 0 | 0.00 |
2020 | 2 | 6.50 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Storable Configs vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Storable Configs Security Vulnerabilities
Jenkins Storable Configs Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVE-2022-30971
8.8 - High
- May 17, 2022
Jenkins Storable Configs Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
XXE
Jenkins Storable Configs Plugin 1.0 and earlier does not restrict the user-specified file name
CVE-2020-2278
6.5 - Medium
- September 16, 2020
Jenkins Storable Configs Plugin 1.0 and earlier does not restrict the user-specified file name, allowing attackers with Job/Configure permission to replace any other '.xml' file on the Jenkins controller with a job config.xml file's content.
Directory traversal
Jenkins Storable Configs Plugin 1.0 and earlier
CVE-2020-2277
6.5 - Medium
- September 16, 2020
Jenkins Storable Configs Plugin 1.0 and earlier allows users with Job/Read permission to read arbitrary files on the Jenkins controller.
Directory traversal
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Storable Configs or by Jenkins? Click the Watch button to subscribe.