cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-41232,https://securityvulnerability.io/vulnerability/CVE-2022-41232,CSRF Vulnerability in Jenkins Build-Publisher Plugin from Jenkins,"A Cross-Site Request Forgery (CSRF) vulnerability exists in the Jenkins Build-Publisher Plugin, versions prior to 1.22. This flaw allows attackers to manipulate the Jenkins controller by submitting a crafted file name to a specific API endpoint. Consequently, the attacker can replace any config.xml file on the Jenkins controller's file system with an empty file, potentially leading to disruptions in Jenkins operations.",Jenkins,Jenkins Build-publisher Plugin,8,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2022-09-21T15:45:52.000Z,0
CVE-2022-41230,https://securityvulnerability.io/vulnerability/CVE-2022-41230,Jenkins Build-Publisher Plugin Insecure HTTP Endpoint Vulnerability,"The Jenkins Build-Publisher Plugin prior to version 1.23 lacks adequate permission checks in its HTTP endpoint. This oversight permits users with Overall/Read permissions to access sensitive information, including the names and URLs of Jenkins servers where builds are configured for publication, along with details of builds awaiting publication to these servers. Such vulnerabilities can be exploited to compromise the integrity of the build process and expose critical server configurations.",Jenkins,Jenkins Build-publisher Plugin,4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-09-21T15:45:51.000Z,0
CVE-2022-41231,https://securityvulnerability.io/vulnerability/CVE-2022-41231,File Manipulation Vulnerability in Jenkins Build-Publisher Plugin by Jenkins,"The Jenkins Build-Publisher Plugin prior to version 1.23 allows users with Item/Configure permission to exploit an API endpoint by supplying a specially crafted file name. This exploit enables them to create or overwrite any config.xml file on the Jenkins controller file system, potentially leading to unauthorized changes and system compromise. It is critical for administrators to upgrade to the latest version to mitigate this vulnerability.",Jenkins,Jenkins Build-publisher Plugin,5.7,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2022-09-21T15:45:51.000Z,0