Jenkins Publish Over Ssh — known CVE vulnerabilities
Every CVE whose affected-product data names Jenkins Publish Over Ssh, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2022-23112 — CVSS 6.5 (medium): A missing permission check in Jenkins Publish Over SSH Plugin 1.22 and earlier allows attackers with Overall/Read access to connect to an…
CVE-2022-23110 — CVSS 4.8 (medium): Jenkins Publish Over SSH Plugin 1.22 and earlier does not escape the SSH server name, resulting in a stored cross-site scripting (XSS)…
CVE-2022-23111 — CVSS 4.3 (medium): A cross-site request forgery (CSRF) vulnerability in Jenkins Publish Over SSH Plugin 1.22 and earlier allows attackers to connect to an…
CVE-2022-23113 — CVSS 4.3 (medium): Jenkins Publish Over SSH Plugin 1.22 and earlier performs a validation of the file name specifying whether it is present or not, resulting…
CVE-2022-23114 — CVSS 3.3 (low): Jenkins Publish Over SSH Plugin 1.22 and earlier stores password unencrypted in its global configuration file on the Jenkins controller…