Vulnerabilities > Jenkins > JOB Import > 3.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-19 | CVE-2022-43413 | Missing Authorization vulnerability in Jenkins JOB Import Jenkins Job Import Plugin 3.5 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 4.3 |