org.jenkins-ci.plugins:ci-with-toad-edge

Maven4 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting org.jenkins-ci.plugins:ci-with-toad-edgepage 1 of 1

CVE-2022-28145MEDIUMCVSS 5.4EG 5.4✓ Fixed in 2.4
2022-03-29
vulnerable: 1.0, 1.2, 2.0, 2.2, 2.3
Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier does not apply Content-Security-Policy headers to report files it serves, resulting in a stored cross-site scripting (XSS) exploitable by attackers with Item/Configure pe…
CVE-2022-28146MEDIUMCVSS 6.5EG 6.5✓ Fixed in 2.4
2022-03-29
vulnerable: 1.0, 1.2, 2.0, 2.2, 2.3
Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Item/Configure permission to read arbitrary files on the Jenkins controller by specifying an input folder on the Jenkins controller as a parameter t…
CVE-2022-28147MEDIUMCVSS 4.3EG 4.3✓ Fixed in 2.4
2022-03-29
vulnerable: 1.0, 1.2, 2.0, 2.2, 2.3
A missing permission check in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file s…
CVE-2022-28148MEDIUMCVSS 6.5EG 6.5✓ Fixed in 2.4
2022-03-29
vulnerable: 1.0, 1.2, 2.0, 2.2, 2.3
The file browser in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing attackers with Item/Read permission to …

Check whether org.jenkins-ci.plugins:ci-with-toad-edge is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.jenkins-ci.plugins:ci-with-toad-edge CVEs against the assets you own.

Start Free Scan →