📦

job_import

Vendor: jenkins

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 0 Code Available
Total RCEs 0 Remote Access
Total CVEs 5 Total Indexed
Avg. EPSS 0.23% Exploit Prob.
Latest CVE CVE-2026-48926 May 27

Security Vulnerability Index

Page 1 / 1
4.3 CVSS
CVE-2026-48926

Jenkins Job Import Plugin 143.v044a_2e819b_27 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

EPSS: 0.11%
4.3 CVSS
CVE-2022-43413

Jenkins Job Import Plugin 3.5 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

EPSS: 0.72%
5.3 CVSS
CVE-2019-1003017

A data modification vulnerability exists in Jenkins Job Import Plugin 3.0 and earlier in JobImportAction.java that allows attackers to copy jobs from a preconfigured other Jenkins instance, potentially installing additional plugins necessary to load the imported job's configuration.

EPSS: 0.08%
8.8 CVSS
CVE-2019-1003016

An exposure of sensitive information vulnerability exists in Jenkins Job Import Plugin 2.1 and earlier in src/main/java/org/jenkins/ci/plugins/jobimport/JobImportAction.java, src/main/java/org/jenkins/ci/plugins/jobimport/JobImportGlobalConfig.java, src/main/java/org/jenkins/ci/plugins/jobimport/model/JenkinsSite.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

EPSS: 0.16%
9.1 CVSS
CVE-2019-1003015

An XML external entity processing vulnerability exists in Jenkins Job Import Plugin 2.1 and earlier in src/main/java/org/jenkins/ci/plugins/jobimport/client/RestApiClient.java that allows attackers with the ability to control the HTTP server (Jenkins) queried in preparation of job import to read arbitrary files, perform a denial of service attack, etc.

EPSS: 0.11%