Every CVE whose affected-product data names Jenkins Junit, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2018-1000056 — CVSS 8.3 (high): Jenkins JUnit Plugin 1.23 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers…
CVE-2018-1000411 — CVSS 6.5 (medium): A cross-site request forgery vulnerability exists in Jenkins JUnit Plugin 1.25 and earlier in TestObject.java that allows setting the…
CVE-2022-34176 — CVSS 5.4 (medium): Jenkins JUnit Plugin 1119.va_a_5e9068da_d7 and earlier does not escape descriptions of test results, resulting in a stored cross-site…
CVE-2022-45380 — CVSS 5.4 (medium): Jenkins JUnit Plugin 1159.v0b_396e1e07dd and earlier converts HTTP(S) URLs in test report output to clickable links in an unsafe manner…
CVE-2023-25761 — CVSS 5.4 (medium): Jenkins JUnit Plugin 1166.va_436e268e972 and earlier does not escape test case class names in JavaScript expressions, resulting in a stored…