Jenkins Sonargraph Integration — known CVE vulnerabilities
Every CVE whose affected-product data names Jenkins Sonargraph Integration, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-2201 — CVSS 5.4 (medium): Jenkins Sonargraph Integration Plugin 3.0.0 and earlier does not escape the file path for the Log file field form validation, resulting in…
CVE-2023-35145 — CVSS 5.4 (medium): Jenkins Sonargraph Integration Plugin 5.0.1 and earlier does not escape the file path and the project name for the Log file field form…