Known Vulnerabilities for Email Extension by Jenkins
Listed below are 10 of the newest known vulnerabilities associated with "Email Extension" by "Jenkins".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-3090 json | The Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App plugin fo... | Not Provided | 2026-03-18 | 2026-04-08 |
| CVE-2023-32980 json | A cross-site request forgery (CSRF) vulnerability in Jenkins Email Extension Plugin allows attackers to make another user sto... | 4.3 - MEDIUM | 2023-05-16 | 2023-05-25 |
| CVE-2023-32979 json | Jenkins Email Extension Plugin does not perform a permission check in a method implementing form validation, allowing attacke... | 4.3 - MEDIUM | 2023-05-16 | 2023-05-25 |
| CVE-2023-25765 json | In Jenkins Email Extension Plugin 2.93 and earlier, templates defined inside a folder were not subject to Script Security pro... | 9.9 - CRITICAL | 2023-02-15 | 2023-11-03 |
| CVE-2023-25764 json | Jenkins Email Extension Plugin 2.93 and earlier does not escape, sanitize, or sandbox rendered email template output or log o... | 5.4 - MEDIUM | 2023-02-15 | 2023-11-03 |
| CVE-2023-25763 json | Jenkins Email Extension Plugin 2.93 and earlier does not escape various fields included in bundled email templates, resulting... | 5.4 - MEDIUM | 2023-02-15 | 2023-11-03 |
| CVE-2020-2253 json | Jenkins Email Extension Plugin 2.75 and earlier does not perform hostname validation when connecting to the configured SMTP s... | 4.8 - MEDIUM | 2020-09-16 | 2023-10-25 |
| CVE-2020-2232 json | Jenkins Email Extension Plugin 2.72 and 2.73 transmits and displays the SMTP password in plain text as part of the global Jen... | 7.5 - HIGH | 2020-08-12 | 2023-10-25 |
| CVE-2019-1003032 json | A sandbox bypass vulnerability exists in Jenkins Email Extension Plugin 2.64 and earlier in pom.xml, src/main/java/hudson/plu... | 9.9 - CRITICAL | 2019-03-08 | 2023-10-25 |
| CVE-2018-1000176 json | An exposure of sensitive information vulnerability exists in Jenkins Email Extension Plugin 2.61 and older in src/main/resour... | 6.5 - MEDIUM | 2018-05-08 | 2018-06-13 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Jenkins | Email Extension | 2.9 | |||
| Application | Jenkins | Email Extension | 2.8 | |||
| Application | Jenkins | Email Extension | 2.75 | |||
| Application | Jenkins | Email Extension | 2.74 | |||
| Application | Jenkins | Email Extension | 2.73 | |||
| Application | Jenkins | Email Extension | 2.72 | |||
| Application | Jenkins | Email Extension | 2.71 | |||
| Application | Jenkins | Email Extension | 2.7 | |||
| Application | Jenkins | Email Extension | 2.69 | |||
| Application | Jenkins | Email Extension | 2.68 | |||
| Application | Jenkins | Email Extension | 2.67 | |||
| Application | Jenkins | Email Extension | 2.66 | |||
| Application | Jenkins | Email Extension | 2.65 | |||
| Application | Jenkins | Email Extension | 2.64 | |||
| Application | Jenkins | Email Extension | 2.63 | |||
| Application | Jenkins | Email Extension | 2.62 | |||
| Application | Jenkins | Email Extension | 2.61 | |||
| Application | Jenkins | Email Extension | 2.60 | |||
| Application | Jenkins | Email Extension | 2.6 | |||
| Application | Jenkins | Email Extension | 2.59 |