Vulnerabilities (CVE)

Filtered by vendor Jenkins Subscribe
Filtered by product Repo
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-43415 1 Jenkins 1 Repo 2024-11-21 N/A 7.5 HIGH
Jenkins REPO Plugin 1.15.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVE-2022-30949 1 Jenkins 1 Repo 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Jenkins REPO Plugin 1.14.0 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system using local paths as SCM URLs, obtaining limited information about other projects' SCM contents.