Jenkins Recipe vulnerabilities
3 known vulnerabilities affecting jenkins/recipe.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-34792HIGHCVSS 8.0≤ 1.22022-06-30
CVE-2022-34792 [HIGH] CWE-352 CVE-2022-34792: A cross-site request forgery (CSRF) vulnerability in Jenkins Recipe Plugin 1.2 and earlier allows at
A cross-site request forgery (CSRF) vulnerability in Jenkins Recipe Plugin 1.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML.
nvd
CVE-2022-34793HIGHCVSS 8.8≤ 1.22022-06-30
CVE-2022-34793 [HIGH] CWE-611 CVE-2022-34793: Jenkins Recipe Plugin 1.2 and earlier does not configure its XML parser to prevent XML external enti
Jenkins Recipe Plugin 1.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
nvd
CVE-2022-34794MEDIUMCVSS 6.5≤ 1.22022-06-30
CVE-2022-34794 [MEDIUM] CWE-862 CVE-2022-34794: Missing permission checks in Jenkins Recipe Plugin 1.2 and earlier allow attackers with Overall/Read
Missing permission checks in Jenkins Recipe Plugin 1.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML.
nvd