VYPR

Semantic Versioning Plugin

by Jenkins Project

Source repositories

CVEs (3)

  • CVE-2023-24429Jan 24, 2023
    risk 0.00cvss epss 0.01

    Jenkins Semantic Versioning Plugin 1.14 and earlier does not restrict execution of an controller/agent message to agents, and implements no limitations about the file path that can be parsed, allowing attackers able to control agent processes to have Jenkins parse a crafted file…

  • CVE-2023-24430Jan 24, 2023
    risk 0.00cvss epss 0.01

    Jenkins Semantic Versioning Plugin 1.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

  • CVE-2022-27201Mar 15, 2022
    risk 0.00cvss epss 0.01

    Jenkins Semantic Versioning Plugin 1.13 and earlier does not restrict execution of an controller/agent message to agents, and implements no limitations about the file path that can be parsed, allowing attackers able to control agent processes to have Jenkins parse a crafted file…