org.jenkins-ci:update-center2 (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.jenkins-ci:update-center2, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2022-45397 — CVSS 9.8 (critical): Jenkins OSF Builder Suite : : XML Linter Plugin 1.0.2 and earlier does not configure its XML parser to prevent XML external entity (XXE)…
CVE-2023-27905 — CVSS 9.6 (critical): Jenkins update-center2 3.13 and 3.14 renders the required Jenkins core version on plugin download index pages without sanitization…