Jenkins Docker Commons — known CVE vulnerabilities
Every CVE whose affected-product data names Jenkins Docker Commons, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-20617 — CVSS 8.8 (high): Jenkins Docker Commons Plugin 1.17 and earlier does not sanitize the name of an image or a tag, resulting in an OS command execution…
CVE-2017-1000094 — CVSS 6.5 (medium): Docker Commons Plugin provides a list of applicable credential IDs to allow users configuring a job to select the one they'd like to use to…