Jenkins Pipeline: Multibranch — known CVE vulnerabilities
Every CVE whose affected-product data names Jenkins Pipeline: Multibranch, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-25175 — CVSS 8.8 (high): Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier uses the same checkout directories for distinct SCMs for the readTrusted…
CVE-2022-25179 — CVSS 6.5 (medium): Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier follows symbolic links to locations outside of the checkout directory…