Every CVE whose affected-product data names Jenkins Elasticbox Ci, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2023-37964 — CVSS 8.8 (high): A cross-site request forgery (CSRF) vulnerability in Jenkins ElasticBox CI Plugin 5.0.1 and earlier allows attackers to connect to an…
CVE-2023-37965 — CVSS 7.1 (high): A missing permission check in Jenkins ElasticBox CI Plugin 5.0.1 and earlier allows attackers with Overall/Read permission to connect to an…
CVE-2019-10450 — CVSS 3.3 (low): Jenkins ElasticBox CI Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they…