Vulnerabilities > Jenkins > Docker Commons

DATE CVE VULNERABILITY TITLE RISK
2022-01-12 CVE-2022-20617 OS Command Injection vulnerability in Jenkins Docker Commons
Jenkins Docker Commons Plugin 1.17 and earlier does not sanitize the name of an image or a tag, resulting in an OS command execution vulnerability exploitable by attackers with Item/Configure permission or able to control the contents of a previously configured job's SCM repository.
network
low complexity
jenkins CWE-78
8.8
8.8
2017-10-05 CVE-2017-1000094 Information Exposure vulnerability in Jenkins Docker Commons 1.9
Docker Commons Plugin provides a list of applicable credential IDs to allow users configuring a job to select the one they'd like to use to authenticate with a Docker Registry.
network
low complexity
jenkins CWE-200
4.0
4.0