Every CVE whose affected-product data names Jenkins Electricflow, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2019-10334 — CVSS 6.5 (medium): Jenkins ElectricFlow Plugin 1.1.5 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM when…
CVE-2019-10336 — CVSS 6.1 (medium): A reflected cross site scripting vulnerability in Jenkins ElectricFlow Plugin 1.1.6 and earlier allowed attackers able to control the…
CVE-2019-10335 — CVSS 5.4 (medium): A stored cross site scripting vulnerability in Jenkins ElectricFlow Plugin 1.1.5 and earlier allowed attackers able to configure jobs in…
CVE-2019-10331 — CVSS 4.3 (medium): A cross-site request forgery vulnerability in Jenkins ElectricFlow Plugin 1.1.5 and earlier in Configuration#doTestConnection allowed…
CVE-2019-10332 — CVSS 4.3 (medium): A missing permission check in Jenkins ElectricFlow Plugin 1.1.5 and earlier in Configuration#doTestConnection allowed users with…
CVE-2019-10333 — CVSS 4.3 (medium): Missing permission checks in Jenkins ElectricFlow Plugin 1.1.5 and earlier in various HTTP endpoints allowed users with Overall/Read access…