Every CVE whose affected-product data names Jenkins Mercurial, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2022-30948 — CVSS 7.5 (high): Jenkins Mercurial Plugin 2.16 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the…
CVE-2020-2305 — CVSS 6.5 (medium): Jenkins Mercurial Plugin 2.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVE-2018-1000112 — CVSS 5.3 (medium): An improper authorization vulnerability exists in Jenkins Mercurial Plugin version 2.2 and earlier in MercurialStatus.java that allows an…
CVE-2022-43410 — CVSS 5.3 (medium): Jenkins Mercurial Plugin 1251.va_b_121f184902 and earlier provides information about which jobs were triggered or scheduled for polling…
CVE-2020-2306 — CVSS 4.3 (medium): A missing permission check in Jenkins Mercurial Plugin 2.11 and earlier allows attackers with Overall/Read permission to obtain a list of…