Vulnerabilities (CVE)

Filtered by vendor Jenkins Subscribe

Filtered by product Mailer

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-20613	2 Jenkins, Oracle	2 Mailer, Communications Cloud Native Core Automated Test Suite	2023-11-22	4.3 MEDIUM	4.3 MEDIUM
A cross-site request forgery (CSRF) vulnerability in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attackers to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname.
CVE-2022-20614	2 Jenkins, Oracle	2 Mailer, Communications Cloud Native Core Automated Test Suite	2023-11-22	4.0 MEDIUM	4.3 MEDIUM
A missing permission check in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attackers with Overall/Read access to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname.
CVE-2020-2252	1 Jenkins	1 Mailer	2020-09-18	5.8 MEDIUM	4.8 MEDIUM
Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server.