Jenkins Project Jenkins Matlab Plugin vulnerabilities

3 known vulnerabilities affecting jenkins_project/jenkins_matlab_plugin.

Total CVEs

3

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

CRITICAL2HIGH1

Vulnerabilities

Page 1 of 1

CVE-2023-49656CRITICALCVSS 9.8≤ 2.11.02023-11-29

CVE-2023-49656 [CRITICAL] CWE-611 CVE-2023-49656: Jenkins MATLAB Plugin 2.11.0 and earlier does not configure its XML parser to prevent XML external e Jenkins MATLAB Plugin 2.11.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

CVE-2023-49654CRITICALCVSS 9.8≤ 2.11.02023-11-29

CVE-2023-49654 [CRITICAL] CWE-862 CVE-2023-49654: Missing permission checks in Jenkins MATLAB Plugin 2.11.0 and earlier allow attackers to have Jenkin Missing permission checks in Jenkins MATLAB Plugin 2.11.0 and earlier allow attackers to have Jenkins parse an XML file from the Jenkins controller file system.

CVE-2023-49655HIGHCVSS 8.8≤ 2.11.02023-11-29

CVE-2023-49655 [HIGH] CWE-352 CVE-2023-49655: A cross-site request forgery (CSRF) vulnerability in Jenkins MATLAB Plugin 2.11.0 and earlier allows A cross-site request forgery (CSRF) vulnerability in Jenkins MATLAB Plugin 2.11.0 and earlier allows attackers to have Jenkins parse an XML file from the Jenkins controller file system.