Every CVE whose affected-product data names Jenkins Cloudbees Cd, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2023-46654 — CVSS 8.1 (high): Jenkins CloudBees CD Plugin 1.1.32 and earlier follows symbolic links to locations outside of the expected directory during the cleanup…
CVE-2023-46655 — CVSS 6.5 (medium): Jenkins CloudBees CD Plugin 1.1.32 and earlier follows symbolic links to locations outside of the directory from which artifacts are…
CVE-2021-21647 — CVSS 4.3 (medium): Jenkins CloudBees CD Plugin 1.1.21 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Item/Read…