GHSA-4w4h-8qh9-342x · Severity: low · Ecosystem: maven — Jenkins allows Cross-Site Scripting (XSS)
Cross-site scripting (XSS) vulnerability in Jenkins before 1.454, Jenkins LTS before 1.424.5, and Jenkins Enterprise 1.400.x before 1.400.0.13 and 1.424.x before 1.424.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0325.
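Overall assessment: CVE-2012-0324 is low risk (30.9/100). CVSS severity is medium. Likelihood of exploitation is high (EPSS 0.21%, 40th percentile). Recommended action: monitor exploitation information and the EPSS trend, and revisit the priority as needed.
Risk changes over time. The content shown on this page is updated based on re-evaluation.
EPSS estimates, on a daily basis, the relative likelihood of exploitation. The percentile indicates the relative position among scored CVEs (higher means relatively more severe).
| # | Date | Old EPSS score | New EPSS score | Δ (new − old) |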
|---|---|---|---|---|
| 1 | 2025-03-30 | 0.45% | 0.21% | -0.24% |
| 2 | 2025-03-29 | 0.21% | 0.45% | +0.24% |
| 3 | 2025-03-25 | — | 0.21% | — |
Full EPSS history (6 entries in total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 4.3 | 2.0 | MEDIUM | | 8.6 | 2.9 | [email protected] |
| vendor | priority | summary | link |
|---|---|---|---|
| ubuntu | medium | CVE-2012-0324 medium priority: Ubuntu including 1 source packages (jenkins), 9 status rows across 9 suites (hardy, lucid, maverick, natty, oneiric, precise, quantal, raring, upstream): DNE 4, not-affected 3, ignored 1, released 1. | https://ubuntu.com/security/CVE-2012-0324 |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| cloudbees | jenkins | 1.400 | cpe:2.3:a:cloudbees:jenkins:1.400:*:enterprise:*:*:*:*:* |
| cloudbees | jenkins | 1.400.0.12 | cpe:2.3:a:cloudbees:jenkins:1.400.0.12:*:enterprise:*:*:*:*:* |
| cloudbees | jenkins | 1.424 | cpe:2.3:a:cloudbees:jenkins:1.424:*:enterprise:*:*:*:*:* |
| cloudbees | jenkins | 1.424.5 | cpe:2.3:a:cloudbees:jenkins:1.424.5:*:enterprise:*:*:*:*:* |
| cloudbees | jenkins | 1.400 | cpe:2.3:a:cloudbees:jenkins:1.400:*:lts:*:*:*:*:* |
| cloudbees | jenkins | 1.400.0.12 | cpe:2.3:a:cloudbees:jenkins:1.400.0.12:*:lts:*:*:*:*:* |
| cloudbees | jenkins | <= 1.453 | cpe:2.3:a:cloudbees:jenkins:*:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.301 | cpe:2.3:a:jenkins:jenkins:1.301:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.302 | cpe:2.3:a:jenkins:jenkins:1.302:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.303 | cpe:2.3:a:jenkins:jenkins:1.303:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.304 | cpe:2.3:a:jenkins:jenkins:1.304:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.305 | cpe:2.3:a:jenkins:jenkins:1.305:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.306 | cpe:2.3:a:jenkins:jenkins:1.306:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.307 | cpe:2.3:a:jenkins:jenkins:1.307:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.308 | cpe:2.3:a:jenkins:jenkins:1.308:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.309 | cpe:2.3:a:jenkins:jenkins:1.309:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.310 | cpe:2.3:a:jenkins:jenkins:1.310:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.311 | cpe:2.3:a:jenkins:jenkins:1.311:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.312 | cpe:2.3:a:jenkins:jenkins:1.312:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.313 | cpe:2.3:a:jenkins:jenkins:1.313:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.314 | cpe:2.3:a:jenkins:jenkins:1.314:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.315 | cpe:2.3:a:jenkins:jenkins:1.315:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.316 | cpe:2.3:a:jenkins:jenkins:1.316:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.317 | cpe:2.3:a:jenkins:jenkins:1.317:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.318 | cpe:2.3:a:jenkins:jenkins:1.318:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.319 | cpe:2.3:a:jenkins:jenkins:1.319:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.320 | cpe:2.3:a:jenkins:jenkins:1.320:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.321 | cpe:2.3:a:jenkins:jenkins:1.321:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.322 | cpe:2.3:a:jenkins:jenkins:1.322:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.323 | cpe:2.3:a:jenkins:jenkins:1.323:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.324 | cpe:2.3:a:jenkins:jenkins:1.324:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.325 | cpe:2.3:a:jenkins:jenkins:1.325:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.326 | cpe:2.3:a:jenkins:jenkins:1.326:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.327 | cpe:2.3:a:jenkins:jenkins:1.327:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.328 | cpe:2.3:a:jenkins:jenkins:1.328:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.329 | cpe:2.3:a:jenkins:jenkins:1.329:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.330 | cpe:2.3:a:jenkins:jenkins:1.330:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.331 | cpe:2.3:a:jenkins:jenkins:1.331:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.332 | cpe:2.3:a:jenkins:jenkins:1.332:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.333 | cpe:2.3:a:jenkins:jenkins:1.333:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.334 | cpe:2.3:a:jenkins:jenkins:1.334:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.335 | cpe:2.3:a:jenkins:jenkins:1.335:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.336 | cpe:2.3:a:jenkins:jenkins:1.336:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.337 | cpe:2.3:a:jenkins:jenkins:1.337:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.338 | cpe:2.3:a:jenkins:jenkins:1.338:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.339 | cpe:2.3:a:jenkins:jenkins:1.339:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.340 | cpe:2.3:a:jenkins:jenkins:1.340:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.341 | cpe:2.3:a:jenkins:jenkins:1.341:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.342 | cpe:2.3:a:jenkins:jenkins:1.342:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.343 | cpe:2.3:a:jenkins:jenkins:1.343:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.344 | cpe:2.3:a:jenkins:jenkins:1.344:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.345 | cpe:2.3:a:jenkins:jenkins:1.345:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.346 | cpe:2.3:a:jenkins:jenkins:1.346:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.347 | cpe:2.3:a:jenkins:jenkins:1.347:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.348 | cpe:2.3:a:jenkins:jenkins:1.348:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.349 | cpe:2.3:a:jenkins:jenkins:1.349:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.350 | cpe:2.3:a:jenkins:jenkins:1.350:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.351 | cpe:2.3:a:jenkins:jenkins:1.351:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.352 | cpe:2.3:a:jenkins:jenkins:1.352:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.353 | cpe:2.3:a:jenkins:jenkins:1.353:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.354 | cpe:2.3:a:jenkins:jenkins:1.354:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.355 | cpe:2.3:a:jenkins:jenkins:1.355:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.356 | cpe:2.3:a:jenkins:jenkins:1.356:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.357 | cpe:2.3:a:jenkins:jenkins:1.357:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.358 | cpe:2.3:a:jenkins:jenkins:1.358:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.359 | cpe:2.3:a:jenkins:jenkins:1.359:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.360 | cpe:2.3:a:jenkins:jenkins:1.360:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.361 | cpe:2.3:a:jenkins:jenkins:1.361:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.362 | cpe:2.3:a:jenkins:jenkins:1.362:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.363 | cpe:2.3:a:jenkins:jenkins:1.363:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.364 | cpe:2.3:a:jenkins:jenkins:1.364:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.365 | cpe:2.3:a:jenkins:jenkins:1.365:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.366 | cpe:2.3:a:jenkins:jenkins:1.366:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.367 | cpe:2.3:a:jenkins:jenkins:1.367:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.368 | cpe:2.3:a:jenkins:jenkins:1.368:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.369 | cpe:2.3:a:jenkins:jenkins:1.369:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.370 | cpe:2.3:a:jenkins:jenkins:1.370:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.371 | cpe:2.3:a:jenkins:jenkins:1.371:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.372 | cpe:2.3:a:jenkins:jenkins:1.372:*:*:*:*:*:*:* |
| jenkins | jenkins | 1.373 | cpe:2.3:a:jenkins:jenkins:1.373:*:*:*:*:*:*:* |