ru.yandex.jenkins.plugins.debuilder:debian-package-builder (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package ru.yandex.jenkins.plugins.debuilder:debian-package-builder, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2022-23118 — CVSS 8.8 (high): Jenkins Debian Package Builder Plugin 1.6.11 and earlier implements functionality that allows agents to invoke command-line `git` at an…
CVE-2020-2125 — CVSS 4.3 (medium): Jenkins Debian Package Builder Plugin 1.6.11 and earlier stores a GPG passphrase unencrypted in its global configuration file on the…