Jenkins - Release CVE

Filtered by vendor Jenkins Subscriptions

Filtered by product Release Subscriptions

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2018-1000013	1 Jenkins	1 Release	2024-08-05	N/A
Jenkins Release Plugin 2.9 and earlier did not require form submissions to be submitted via POST, resulting in a CSRF vulnerability allowing attackers to trigger release builds.
CVE-2020-2292	1 Jenkins	1 Release	2024-08-04	5.4 Medium
Jenkins Release Plugin 2.10.2 and earlier does not escape the release version in badge tooltip, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Release/Release permission.

Page 1 of 1.