Jenkins Project Jenkins Openstack Heat Plugin vulnerabilities
3 known vulnerabilities affecting jenkins_project/jenkins_openstack_heat_plugin.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2022-36911MEDIUMCVSS 6.5≥ unspecified, ≤ 1.52022-07-27
CVE-2022-36911 [MEDIUM] CWE-352 CVE-2022-36911: A cross-site request forgery (CSRF) vulnerability in Jenkins Openstack Heat Plugin 1.5 and earlier a
A cross-site request forgery (CSRF) vulnerability in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers to connect to an attacker-specified URL.
cvelistv5nvd
CVE-2022-36913MEDIUMCVSS 4.3≥ unspecified, ≤ 1.52022-07-27
CVE-2022-36913 [MEDIUM] CWE-862 CVE-2022-36913: Jenkins Openstack Heat Plugin 1.5 and earlier does not perform permission checks in methods implemen
Jenkins Openstack Heat Plugin 1.5 and earlier does not perform permission checks in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.
cvelistv5nvd
CVE-2022-36912MEDIUMCVSS 4.3≥ unspecified, ≤ 1.52022-07-27
CVE-2022-36912 [MEDIUM] CWE-862 CVE-2022-36912: A missing permission check in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers with Ov
A missing permission check in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.
cvelistv5nvd