Every CVE whose affected-product data names Jenkins Gitlab, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2019-10301 — CVSS 8.8 (high): A missing permission check in Jenkins GitLab Plugin 1.5.11 and earlier in the GitLabConnectionConfig#doTestConnection form validation…
CVE-2019-10300 — CVSS 8.0 (high): A cross-site request forgery vulnerability in Jenkins GitLab Plugin 1.5.11 and earlier in the GitLabConnectionConfig#doTestConnection form…
CVE-2022-30955 — CVSS 6.5 (medium): Jenkins GitLab Plugin 1.5.31 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read…
CVE-2022-34777 — CVSS 5.4 (medium): Jenkins GitLab Plugin 1.5.34 and earlier does not escape multiple fields inserted into the description of webhook-triggered builds…
CVE-2022-43411 — CVSS 5.3 (medium): Jenkins GitLab Plugin 1.5.35 and earlier uses a non-constant time comparison function when checking whether the provided and expected…
CVE-2025-24397 — CVSS 4.3 (medium): An incorrect permission check in Jenkins GitLab Plugin 1.9.6 and earlier allows attackers with global Item/Configure permission (while…