Jenkins Gerrit Trigger — known CVE vulnerabilities
Every CVE whose affected-product data names Jenkins Gerrit Trigger, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2019-16551 — CVSS 8.8 (high): A cross-site request forgery vulnerability in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers to connect to an…
CVE-2023-24423 — CVSS 6.5 (medium): A cross-site request forgery (CSRF) vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous…
CVE-2018-1000106 — CVSS 5.4 (medium): An improper authorization vulnerability exists in Jenkins Gerrit Trigger Plugin 2.27.4 and earlier in GerritManagement.java…
CVE-2019-16552 — CVSS 5.4 (medium): A missing permission check in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers with Overall/Read permission to connect to…
CVE-2022-29039 — CVSS 5.4 (medium): Jenkins Gerrit Trigger Plugin 2.35.2 and earlier does not escape the name and description of Base64 Encoded String parameters on views…
CVE-2018-1000105 — CVSS 4.3 (medium): An improper authorization vulnerability exists in Jenkins Gerrit Trigger Plugin 2.27.4 and earlier in GerritManagement.java…