← Back

360 Fireline

360_fireline

Vendor: Jenkins • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-43435
1Jenkins
1360 Fireline
May 8, 2025
Oct 19, 2022
N/A· v4
5.3 MEDIUM· v3
N/A· v2
Jenkins 360 FireLine Plugin 1.7.2 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.
CVE-2019-10466
1Jenkins
1360 Fireline
Nov 21, 2024
Oct 23, 2019
N/A· v4
8.1 HIGH· v3
5.5 MEDIUM· v2
An XML external entities (XXE) vulnerability in Jenkins 360 FireLine Plugin allows attackers with Overall/Read access to have Jenkins resolve external entities, resulting in the extraction of secrets from the Jenkins age...Show more
An XML external entities (XXE) vulnerability in Jenkins 360 FireLine Plugin allows attackers with Overall/Read access to have Jenkins resolve external entities, resulting in the extraction of secrets from the Jenkins agent, server-side request forgery, or denial-of-service attacks.Show less