Every CVE whose affected-product data names Jenkins Subversion, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2021-21698 — CVSS 7.5 (high): Jenkins Subversion Plugin 2.15.0 and earlier does not restrict the name of a file when looking up a subversion key file on the controller…
CVE-2020-2304 — CVSS 6.5 (medium): Jenkins Subversion Plugin 2.13.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVE-2017-1000085 — CVSS 6.5 (medium): Subversion Plugin connects to a user-specified Subversion repository as part of form validation (e.g. to retrieve a list of tags). This…
CVE-2022-29046 — CVSS 5.4 (medium): Jenkins Subversion Plugin 2.15.3 and earlier does not escape the name and description of List Subversion tags (and more) parameters on…
CVE-2020-2111 — CVSS 5.4 (medium): Jenkins Subversion Plugin 2.13.0 and earlier does not escape the error message for the Project Repository Base URL field form validation…
CVE-2018-1000111 — CVSS 5.3 (medium): An improper authorization vulnerability exists in Jenkins Subversion Plugin version 2.10.2 and earlier in SubversionStatus.java and…
CVE-2022-29048 — CVSS 4.3 (medium): A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Plugin 2.15.3 and earlier allows attackers to connect to an…