本ページは jenkins gerrit_trigger に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2023-24423 | A cross-site request forgery (CSRF) vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit. | [email protected] | 6.5 | 0.49% | 2023-01-26 | 2026-06-17 |
| CVE-2022-29039 | Jenkins Gerrit Trigger Plugin 2.35.2 and earlier does not escape the name and description of Base64 Encoded String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | [email protected] | 5.4 | 0.78% | 2022-04-12 | 2026-06-17 |
| CVE-2019-16552 | A missing permission check in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials, or determine the existence of a file with a given path on the Jenkins master. | [email protected] | 5.4 | 0.62% | 2019-12-17 | 2026-06-16 |
| CVE-2019-16551 | A cross-site request forgery vulnerability in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials. | [email protected] | 8.8 | 0.69% | 2019-12-17 | 2026-06-16 |
| CVE-2018-1000106 | An improper authorization vulnerability exists in Jenkins Gerrit Trigger Plugin 2.27.4 and earlier in GerritManagement.java, GerritServer.java, and PluginImpl.java that allows an attacker with Overall/Read access to modify the Gerrit configuration in Jenkins. | [email protected] | 5.4 | 0.91% | 2018-03-13 | 2026-06-16 |
| CVE-2018-1000105 | An improper authorization vulnerability exists in Jenkins Gerrit Trigger Plugin 2.27.4 and earlier in GerritManagement.java, GerritServer.java, and PluginImpl.java that allows an attacker with Overall/Read access to retrieve some configuration information about Gerrit in Jenkins. | [email protected] | 4.3 | 0.68% | 2018-03-13 | 2026-06-16 |