Org.jenkins-ci.plugins:job-import-plugin

This hub aggregates every CVE we track for Org.jenkins-ci.plugins:job-import-plugin, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 4 most recently published vulnerabilities affecting Org.jenkins-ci.plugins:job-import-plugin.

• CVE-2022-43413Jenkins Job Import Plugin 3.5 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored...4.3Oct 19, 2022
• CVE-2019-1003016An exposure of sensitive information vulnerability exists in Jenkins Job Import Plugin 2.1 and earlier in src/main/java/org/jenkins/ci/plugins/jobimport/JobImportAction.java, src/main/java/org/jenk...8.8Feb 6, 2019
• CVE-2019-1003017A data modification vulnerability exists in Jenkins Job Import Plugin 3.0 and earlier in JobImportAction.java that allows attackers to copy jobs from a preconfigured other Jenkins instance, potenti...5.3Feb 6, 2019
• CVE-2019-1003015An XML external entity processing vulnerability exists in Jenkins Job Import Plugin 2.1 and earlier in src/main/java/org/jenkins/ci/plugins/jobimport/client/RestApiClient.java that allows attackers...9.1Feb 6, 2019