Every CVE whose affected-product data names Jenkins S3 Publisher, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2020-2114 — CVSS 7.5 (high): Jenkins S3 publisher Plugin 0.11.4 and earlier transmits configured credentials in plain text as part of the global Jenkins configuration…
CVE-2018-1000177 — CVSS 5.4 (medium): A cross-site scripting vulnerability exists in Jenkins S3 Plugin 0.10.12 and older in src/main/resources/hudson/plugins/s3/S3ArtifactsProjec…
CVE-2021-21650 — CVSS 4.3 (medium): Jenkins S3 publisher Plugin 0.11.6 and earlier does not perform Run/Artifacts permission checks in various HTTP endpoints and API models…
CVE-2021-21651 — CVSS 4.3 (medium): Jenkins S3 publisher Plugin 0.11.6 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with…