org.jenkins-ci.plugins:extended-choice-parameter
Maven
5 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting org.jenkins-ci.plugins:extended-choice-parameter
- CVE-2022-27202 | MEDIUM | CVSS 5.4 | EG 8.0 | 2022-03-15
vulnerable: 0.18 ... 343.v3a_a_d43ce47dd (55 versions)
Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier does not escape the value and description of extended choice parameters of radio buttons or check boxes type, resulting in a stored cross-site scripting (XSS) vulnerab…
- CVE-2022-27203 | MEDIUM | CVSS 6.5 | EG 6.5 | 2022-03-15
vulnerable: 0.18 ... 343.v3a_a_d43ce47dd (55 versions)
Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier allows attackers with Item/Configure permission to read values from arbitrary JSON and Java properties files on the Jenkins controller.
- CVE-2022-27204 | HIGH | CVSS 8.8 | EG 8.8 | ✓ Fixed in 356.va_90a_94ca_62ec | 2022-03-15
vulnerable: 0.18 ... 346.vd87693c5a_86c (56 versions)
A cross-site request forgery vulnerability in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier allows attackers to connect to an attacker-specified URL.
- CVE-2022-27205 | MEDIUM | CVSS 4.3 | EG 4.3 | 2022-03-15
vulnerable: 0.18 ... 343.v3a_a_d43ce47dd (55 versions)
A missing permission check in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.
- CVE-2022-29038 | MEDIUM | CVSS 5.4 | EG 5.4 | 2022-04-12
vulnerable: 0.18 ... 343.v3a_a_d43ce47dd (55 versions)
Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier does not escape the name and description of Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability e…