Vulnerabilities > Jenkins > Failed JOB Deactivator > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-30 | CVE-2022-34817 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Failed JOB Deactivator A cross-site request forgery (CSRF) vulnerability in Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier allows attackers to disable jobs. | 4.3 |
| 2022-06-30 | CVE-2022-34818 | Missing Authorization vulnerability in Jenkins Failed JOB Deactivator Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier does not perform permission checks in several views and HTTP endpoints, allowing attackers with Overall/Read permission to disable jobs. | 4.3 |