jenkins-2-plugins vulnerabilities

Known vulnerabilities in the jenkins-2-plugins package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L Uncontrolled Recursion	*
M Information Exposure	*
M Improper Control of Document Type Definition	*
M Out-of-bounds Write	*
M Out-of-bounds Write	*
M Deserialization of Untrusted Data	*
H Resource Exhaustion	*
M Out-of-bounds Write	*
M Out-of-bounds Write	*
M Directory Traversal	*
M Deserialization of Untrusted Data	*
M Deserialization of Untrusted Data	*
M Out-of-bounds Write	*
M Out-of-bounds Write	*
M Out-of-bounds Write	*
H Deserialization of Untrusted Data	*
M Deserialization of Untrusted Data	*
M Deserialization of Untrusted Data	*
M Out-of-bounds Write	*
M Out-of-bounds Write	*
M Improper Certificate Validation	*
M Improper Certificate Validation	*
M Out-of-bounds Write	*
H Deserialization of Untrusted Data	*
M Files or Directories Accessible to External Parties	*
L Resource Exhaustion	*
L Resource Exhaustion	*
M Resource Exhaustion	*
M Resource Exhaustion	*
M CVE-2022-33980	*
M CVE-2022-33980	*
L Insufficiently Protected Credentials	*
L Insufficiently Protected Credentials	*
L Race Condition	*
L Race Condition	*
L Incorrect Permission Assignment for Critical Resource	*
L Incorrect Permission Assignment for Critical Resource	*
L Improper Output Neutralization for Logs	*
L Improper Output Neutralization for Logs	*
M Stack-based Buffer Overflow	*
M Stack-based Buffer Overflow	*
M Improperly Implemented Security Check for Standard	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
L Out-of-bounds Write	*
L Out-of-bounds Write	*
L Out-of-bounds Write	*
L Out-of-bounds Write	*
M Insufficient Entropy	*
M Uncontrolled Recursion	*
M Uncontrolled Recursion	*
M Out-of-bounds Write	*
M Out-of-bounds Write	*
M Improper Input Validation	*
M Improper Input Validation	*
M Information Exposure	*
M Improper Validation of Integrity Check Value	*
M Deserialization of Untrusted Data	*
H Resource Exhaustion	*
H Uncontrolled Recursion	*
M Insecure Default Initialization of Resource	*
H Improper Verification of Cryptographic Signature	*
H Improper Verification of Cryptographic Signature	*
L Cross-site Scripting (XSS)	*
L Information Exposure	*
L Information Exposure	*
M Improper Access Control	*
M Improper Access Control	*
M Trust Boundary Violation	*
M Trust Boundary Violation	*
M Directory Traversal	*
M Directory Traversal	*
M Cross-site Request Forgery (CSRF)	*
M Cross-site Request Forgery (CSRF)	*
M Incorrect Default Permissions	*
M Incorrect Default Permissions	*
M Cross-site Request Forgery (CSRF)	*
M Cross-site Request Forgery (CSRF)	*
M Cross-site Request Forgery (CSRF)	*
M Cross-site Request Forgery (CSRF)	*
M Incorrect Default Permissions	*
M Incorrect Default Permissions	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Insufficiently Protected Credentials	*
M Insufficiently Protected Credentials	*
M Insufficiently Protected Credentials	*
M Insufficiently Protected Credentials	*
L Cross-site Request Forgery (CSRF)	*
L Cross-site Request Forgery (CSRF)	*
L Cross-site Request Forgery (CSRF)	*
L Cross-site Request Forgery (CSRF)	*
L Cross-site Request Forgery (CSRF)	*
M Cross-site Request Forgery (CSRF)	*
H Cross-site Scripting (XSS)	*
H Cross-site Scripting (XSS)	*
M Plaintext Storage of a Password	*
M Plaintext Storage of a Password	*
M Improper Output Neutralization for Logs	*
M Improper Output Neutralization for Logs	*
H Static Code Injection	*
H Static Code Injection	*
H Static Code Injection	*
H Static Code Injection	*
H Improper Input Validation	*
H Improper Input Validation	*
H Improper Input Validation	*
H Improper Input Validation	*
H Static Code Injection	*
H Static Code Injection	*
H Static Code Injection	*
M Cross-site Scripting (XSS)	*
M Improper Check for Dropped Privileges	*
M Improper Check for Dropped Privileges	*
H Static Code Injection	*
H Static Code Injection	*
H Static Code Injection	*
H Static Code Injection	*
M Static Code Injection	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Request Forgery (CSRF)	*
M Cross-site Scripting (XSS)	*
H Directory Traversal	*
H Interaction Error	*
M Cross-site Scripting (XSS)	*
H Key Exchange without Entity Authentication	*
H Protection Mechanism Failure	*
M Information Exposure	*
M Information Exposure	*
M Missing Authorization	*
M Information Exposure	*
M Cross-site Request Forgery (CSRF)	*
M Exposure of Resource to Wrong Sphere	*
M Cross-site Request Forgery (CSRF)	*
H Directory Traversal	*
H Directory Traversal	*
H Cross-site Scripting (XSS)	*
H Cross-site Scripting (XSS)	*
M Information Exposure	*
H Reversible One-Way Hash	*
H Reversible One-Way Hash	*
C Protection Mechanism Failure	*
C Protection Mechanism Failure	*
C Protection Mechanism Failure	*
M Cross-site Scripting (XSS)	*
C Protection Mechanism Failure	*
C Protection Mechanism Failure	*
M Missing Authorization	*
M Cross-site Request Forgery (CSRF)	*
M Out-of-bounds Write	*
H Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
C Protection Mechanism Failure	*
H Improper Input Validation	*
M Inappropriate Encoding for Output Context	*
M Open Redirect	*
M Open Redirect	*
H Session Fixation	*
H Session Fixation	*
M Information Exposure	*
H Inappropriate Encoding for Output Context	*
M Cross-site Scripting (XSS)	*
M Information Exposure	*
M Information Exposure	*
M Cross-site Request Forgery (CSRF)	*
M Cross-site Request Forgery (CSRF)	*
H Cross-site Request Forgery (CSRF)	*
H Cross-site Request Forgery (CSRF)	*
M CVE-2023-40339	*
M CVE-2023-40339	*
M Cross-site Request Forgery (CSRF)	*
H Improper Input Validation	*
H Arbitrary Argument Injection	*
M Directory Traversal	*
H Protection Mechanism Failure	*
H Protection Mechanism Failure	*

Vulnerability

Vulnerable Version

Uncontrolled Recursion