CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jenkins: >> Mailer >> 1.29.1 Security Vulnerabilities

CVE-2022-20613

A cross-site request forgery (CSRF) vulnerability in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attackers to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname.

CVSS Score

4.3

EPSS Score

0.001

Published

2022-01-12

CVE-2022-20614

A missing permission check in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attackers with Overall/Read access to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname.

CVSS Score

4.3

EPSS Score

0.022

Published

2022-01-12

CVE-2020-2252

Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server.

CVSS Score

4.8

EPSS Score

0.0

Published

2020-09-16

Page 1

Vulnerabilities

Vulnerable Software

Jenkins: >> Mailer >> 1.29.1 Security Vulnerabilities

Products

Pricing

Contact Us