CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-43432

Jenkins XFramium Builder Plugin 1.0.22 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.2%

CVSS Severity

CVSS v3 Score 4.3

References

http://www.openwall.com/lists/oss-security/2022/10/19/3
https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2863
http://www.openwall.com/lists/oss-security/2022/10/19/3
https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2863

Products affected by CVE-2022-43432

Jenkins » Xframium Builder » Version: Any

cpe:2.3:a:jenkins:xframium_builder:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-43432

Products

Pricing

Contact Us