Every CVE whose affected-product data names Jenkins Warnings, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2018-1000012 — CVSS 8.8 (high): Jenkins Warnings Plugin 4.64 and earlier processes XML external entities in files it parses as part of the build process, allowing…
CVE-2019-1003007 — CVSS 8.8 (high): A cross-site request forgery vulnerability exists in Jenkins Warnings Plugin 5.0.0 and earlier in src/main/java/hudson/plugins/warnings/Groo…
CVE-2020-2280 — CVSS 8.8 (high): A cross-site request forgery (CSRF) vulnerability in Jenkins Warnings Plugin 5.0.1 and earlier allows attackers to execute arbitrary code.
CVE-2023-46651 — CVSS 6.5 (medium): Jenkins Warnings Plugin 10.5.0 and earlier does not set the appropriate context for credentials lookup, allowing attackers with…