Every CVE whose affected-product data names Jenkins Mailer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2018-8718 — CVSS 8.0 (high): Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send…
CVE-2020-2252 — CVSS 4.8 (medium): Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server.
CVE-2022-20613 — CVSS 4.3 (medium): A cross-site request forgery (CSRF) vulnerability in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attackers to use the DNS…
CVE-2022-20614 — CVSS 4.3 (medium): A missing permission check in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attackers with Overall/Read access to use the…
CVE-2017-2651 — CVSS 3.7 (low): jenkins-mailer-plugin before version 1.20 is vulnerable to an information disclosure while using the feature to send emails to a…