cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-34818,https://securityvulnerability.io/vulnerability/CVE-2022-34818,Permission Check Flaw in Jenkins Failed Job Deactivator Plugin,"The Jenkins Failed Job Deactivator Plugin versions 1.2.1 and earlier are susceptible to a lack of permission checks across several views and HTTP endpoints. This oversight permits attackers with Overall/Read permission to disable jobs, potentially compromising CI/CD processes and project integrity. Prompt updates are essential to mitigate this risk.",Jenkins,Jenkins Failed Job Deactivator Plugin,4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-06-30T17:49:44.000Z,0
CVE-2022-34817,https://securityvulnerability.io/vulnerability/CVE-2022-34817,Cross-Site Request Forgery in Jenkins Failed Job Deactivator Plugin,"A cross-site request forgery (CSRF) vulnerability exists in the Jenkins Failed Job Deactivator Plugin, specifically in versions 1.2.1 and earlier. This vulnerability allows attackers to issue unauthorized commands that can disable Jenkins jobs. If successfully exploited, this could disrupt the operations relying on these jobs, leading to potential service interruptions. Users of the affected plugin are advised to update to a patched version to mitigate this risk.",Jenkins,Jenkins Failed Job Deactivator Plugin,4.3,MEDIUM,0.0005300000193528831,false,,false,false,false,,,false,false,,2022-06-30T17:49:39.000Z,0