cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-45383,https://securityvulnerability.io/vulnerability/CVE-2022-45383,Incorrect Permission Check in Jenkins Support Core Plugin,"An incorrect permission check in the Jenkins Support Core Plugin allows unauthorized users with Support/DownloadBundle permission to download sensitive support bundles. These bundles can contain confidential information that should only be accessible to users with Overall/Administer permission, posing a significant security risk to Jenkins environments.",Jenkins,Jenkins Support Core Plugin,6.5,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2022-11-15T00:00:00.000Z,0
CVE-2022-25187,https://securityvulnerability.io/vulnerability/CVE-2022-25187,Sensitive Information Exposure in Jenkins Support Core Plugin,"The Jenkins Support Core Plugin 2.79 and earlier versions fail to properly redact certain sensitive information within the support bundle. This oversight can lead to unintentional data leaks, potentially exposing user credentials and other confidential information to unauthorized personnel. It is crucial for users to assess their use of this plugin and implement necessary security measures to mitigate risks.",Jenkins,Jenkins Support Core Plugin,6.5,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2022-02-15T16:11:13.000Z,0
CVE-2021-21621,https://securityvulnerability.io/vulnerability/CVE-2021-21621,,"Jenkins Support Core Plugin 2.72 and earlier provides the serialized user authentication as part of the ""About user (basic authentication details only)"" information, which can include the session ID of the user creating the support bundle in some configurations.",Jenkins,Jenkins Support Core Plugin,5.3,MEDIUM,0.0008399999933317304,false,,false,false,false,,,false,false,,2021-02-24T15:05:30.000Z,0
CVE-2019-16539,https://securityvulnerability.io/vulnerability/CVE-2019-16539,,A missing permission check in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete support bundles.,Jenkins,Jenkins Support Core Plugin,6.5,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2019-11-21T14:11:20.000Z,0
CVE-2019-16540,https://securityvulnerability.io/vulnerability/CVE-2019-16540,,A path traversal vulnerability in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete arbitrary files on the Jenkins master.,Jenkins,Jenkins Support Core Plugin,6.5,MEDIUM,0.0005699999746866524,false,,false,false,false,,,false,false,,2019-11-21T14:11:20.000Z,0