CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jenkins: >> Warnings Next Generation >> 5.0.0 Security Vulnerabilities

CVE-2021-21626

Jenkins Warnings Next Generation Plugin 8.4.4 and earlier does not perform a permission check in methods implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace contents.

CVSS Score

4.3

EPSS Score

0.0

Published

2021-03-18

CVE-2019-10325

A cross-site scripting vulnerability in Jenkins Warnings NG Plugin 5.0.0 and earlier allowed attacker with Job/Configure permission to inject arbitrary JavaScript in build overview pages.

CVSS Score

5.4

EPSS Score

0.001

Published

2019-05-31

CVE-2019-10326

A cross-site request forgery vulnerability in Jenkins Warnings NG Plugin 5.0.0 and earlier allowed attackers to reset warning counts for future builds.

CVSS Score

4.3

EPSS Score

0.003

Published

2019-05-31

Page 1

Vulnerabilities

Vulnerable Software

Jenkins: >> Warnings Next Generation >> 5.0.0 Security Vulnerabilities

Products

Pricing

Contact Us