CPE Details
Jenkins Matrix Project 1.20 for Jenkins
1.20
2022-11-23
00h39 +00:00
00h39 +00:00
2022-11-23
00h46 +00:00
00h46 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:jenkins:matrix_project:1.20:*:*:*:*:jenkins:*:*
Informations
Vendor
jenkinsProduct
matrix_projectVersion
1.20Target Software
jenkinsRelated CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| Jenkins Matrix Project Plugin 822.v01b_8c85d16d2 and earlier does not sanitize user-defined axis names of multi-configuration projects, allowing attackers with Item/Configure permission to create or replace any config.xml files on the Jenkins controller file system with content not controllable by the attackers. | 4.3 |
Medium |
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.