[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-30953":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":36,"aliases":37,"duplicate_of":9,"upstream":39,"downstream":40,"duplicates":53,"related":54,"reserved_at":9,"published_at":55,"modified_at":56,"state":57,"summary":58,"references_raw":67,"kevs":98,"epss":99,"epss_history":102,"metrics":372,"affected":387},"CVE-2022-30953","A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.25.3 and earlier allows attackers to connect to an attacker-specified HTTP server.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-352","Cross-Site Request Forgery (CSRF)","The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.","weakness","Stable","Compound","Medium",[20,24,28,32],{"id":21,"name":22,"techniques":23},"CAPEC-111","JSON Hijacking (aka JavaScript Hijacking)",[],{"id":25,"name":26,"techniques":27},"CAPEC-462","Cross-Domain Search Timing",[],{"id":29,"name":30,"techniques":31},"CAPEC-467","Cross Site Identification",[],{"id":33,"name":34,"techniques":35},"CAPEC-62","Cross Site Request Forgery",[],[],[38],"GHSA-hgpq-42pf-9vfq",[],[41,43,45,47,49,51],{"_key":42},"RHSA-2023:0017",{"_key":44},"RHSA-2023:3622",{"_key":46},"RHSA-2023:0560",{"_key":48},"RHSA-2023:0777",{"_key":50},"RHSA-2023:3198",{"_key":52},"RHSA-2023:3610",[],[],"2022-05-17T14:06:18.000Z","2024-08-03T07:03:39.866Z","Modified",{"cisa_kev":59,"cisa_ransomware":59,"cisa_vendor":9,"epss_severity":60,"epss_score":61,"severity":62,"severity_score":63,"severity_version":64,"severity_source":65,"severity_vector":66,"severity_status":57},false,"low",0.00113,"medium",6.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",[68,77,84,89,93],{"url":69,"sources":70,"tags":73},"https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502",[71,65,72],"cve.org","osv_maven",[74,75,76],"X Refsource CONFIRM","Vendor Advisory","WEB",{"url":78,"sources":79,"tags":80},"http://www.openwall.com/lists/oss-security/2022/05/17/8",[71,65,72],[81,82,83,76],"Mailing List","X Refsource MLIST","Third Party Advisory",{"url":85,"sources":86,"tags":87},"https://nvd.nist.gov/vuln/detail/CVE-2022-30953",[72],[88],"Advisory",{"url":90,"sources":91,"tags":92},"https://github.com/jenkinsci/blueocean-plugin/commit/9f44b895d018c514d5dccc1f2190a2a029e58259",[72],[76],{"url":94,"sources":95,"tags":96},"https://github.com/jenkinsci/blueocean-plugin",[72],[97],"PACKAGE",[],{"date":100,"score":61,"percentile":101},"2026-06-04",0.29435,[103,107,110,113,116,119,122,125,128,131,134,136,139,142,145,149,152,155,159,162,165,168,171,174,177,180,183,186,189,192,195,198,200,203,206,209,212,215,218,221,224,227,230,233,236,239,242,245,248,251,254,257,259,262,265,268,271,274,277,280,283,286,289,292,295,298,301,304,307,310,313,316,319,322,325,328,330,333,336,339,342,345,348,351,354,357,360,363,366,369],{"date":104,"score":105,"percentile":106},"2025-11-04",0.00045,0.13466,{"date":108,"score":105,"percentile":109},"2025-11-05",0.13493,{"date":111,"score":105,"percentile":112},"2025-11-06",0.13581,{"date":114,"score":105,"percentile":115},"2025-11-07",0.13592,{"date":117,"score":105,"percentile":118},"2025-11-08",0.13597,{"date":120,"score":105,"percentile":121},"2025-11-09",0.13567,{"date":123,"score":105,"percentile":124},"2025-11-10",0.13534,{"date":126,"score":105,"percentile":127},"2025-11-11",0.13552,{"date":129,"score":105,"percentile":130},"2025-11-12",0.13539,{"date":132,"score":105,"percentile":133},"2025-11-13",0.13565,{"date":135,"score":105,"percentile":115},"2025-11-14",{"date":137,"score":105,"percentile":138},"2025-11-15",0.13572,{"date":140,"score":105,"percentile":141},"2025-11-16",0.1357,{"date":143,"score":105,"percentile":144},"2025-11-17",0.13544,{"date":146,"score":147,"percentile":148},"2025-11-18",0.00078,0.1943,{"date":150,"score":147,"percentile":151},"2025-11-19",0.19458,{"date":153,"score":147,"percentile":154},"2025-11-20",0.19447,{"date":156,"score":157,"percentile":158},"2025-11-21",0.00046,0.14037,{"date":160,"score":157,"percentile":161},"2025-11-22",0.14032,{"date":163,"score":157,"percentile":164},"2025-11-23",0.14017,{"date":166,"score":157,"percentile":167},"2025-11-24",0.13981,{"date":169,"score":157,"percentile":170},"2025-11-25",0.13982,{"date":172,"score":157,"percentile":173},"2025-11-26",0.1398,{"date":175,"score":157,"percentile":176},"2025-11-27",0.13987,{"date":178,"score":157,"percentile":179},"2025-11-28",0.13967,{"date":181,"score":105,"percentile":182},"2025-11-29",0.13439,{"date":184,"score":105,"percentile":185},"2025-11-30",0.13447,{"date":187,"score":105,"percentile":188},"2025-12-01",0.13486,{"date":190,"score":105,"percentile":191},"2025-12-02",0.13507,{"date":193,"score":105,"percentile":194},"2025-12-03",0.13528,{"date":196,"score":105,"percentile":197},"2025-12-04",0.135,{"date":199,"score":105,"percentile":138},"2025-12-05",{"date":201,"score":105,"percentile":202},"2025-12-06",0.13589,{"date":204,"score":105,"percentile":205},"2025-12-07",0.13573,{"date":207,"score":105,"percentile":208},"2025-12-08",0.13583,{"date":210,"score":105,"percentile":211},"2025-12-09",0.13642,{"date":213,"score":105,"percentile":214},"2025-12-10",0.13711,{"date":216,"score":105,"percentile":217},"2025-12-11",0.13742,{"date":219,"score":105,"percentile":220},"2025-12-12",0.13792,{"date":222,"score":105,"percentile":223},"2025-12-13",0.13813,{"date":225,"score":105,"percentile":226},"2025-12-14",0.13788,{"date":228,"score":105,"percentile":229},"2025-12-15",0.13753,{"date":231,"score":105,"percentile":232},"2025-12-16",0.13755,{"date":234,"score":105,"percentile":235},"2025-12-17",0.13853,{"date":237,"score":105,"percentile":238},"2025-12-18",0.13911,{"date":240,"score":105,"percentile":241},"2025-12-19",0.13954,{"date":243,"score":105,"percentile":244},"2025-12-20",0.13942,{"date":246,"score":105,"percentile":247},"2025-12-21",0.13901,{"date":249,"score":105,"percentile":250},"2025-12-22",0.13852,{"date":252,"score":105,"percentile":253},"2025-12-23",0.13845,{"date":255,"score":105,"percentile":256},"2025-12-24",0.1384,{"date":258,"score":105,"percentile":238},"2025-12-25",{"date":260,"score":105,"percentile":261},"2025-12-26",0.1387,{"date":263,"score":105,"percentile":264},"2025-12-27",0.13876,{"date":266,"score":105,"percentile":267},"2025-12-28",0.13843,{"date":269,"score":105,"percentile":270},"2025-12-29",0.13741,{"date":272,"score":105,"percentile":273},"2025-12-30",0.13749,{"date":275,"score":105,"percentile":276},"2025-12-31",0.13814,{"date":278,"score":105,"percentile":279},"2026-01-01",0.13887,{"date":281,"score":105,"percentile":282},"2026-01-02",0.13875,{"date":284,"score":105,"percentile":285},"2026-01-03",0.13842,{"date":287,"score":105,"percentile":288},"2026-01-04",0.13767,{"date":290,"score":105,"percentile":291},"2026-01-05",0.13722,{"date":293,"score":105,"percentile":294},"2026-01-06",0.13732,{"date":296,"score":105,"percentile":297},"2026-01-07",0.1377,{"date":299,"score":105,"percentile":300},"2026-01-08",0.13823,{"date":302,"score":105,"percentile":303},"2026-01-09",0.13831,{"date":305,"score":105,"percentile":306},"2026-01-10",0.13849,{"date":308,"score":105,"percentile":309},"2026-01-11",0.13779,{"date":311,"score":105,"percentile":312},"2026-01-12",0.13745,{"date":314,"score":105,"percentile":315},"2026-01-13",0.13719,{"date":317,"score":105,"percentile":318},"2026-01-14",0.13775,{"date":320,"score":105,"percentile":321},"2026-01-15",0.13776,{"date":323,"score":105,"percentile":324},"2026-01-16",0.1382,{"date":326,"score":105,"percentile":327},"2026-01-17",0.13837,{"date":329,"score":105,"percentile":297},"2026-01-18",{"date":331,"score":105,"percentile":332},"2026-01-19",0.13707,{"date":334,"score":105,"percentile":335},"2026-01-20",0.13686,{"date":337,"score":105,"percentile":338},"2026-01-21",0.13674,{"date":340,"score":105,"percentile":341},"2026-01-22",0.13636,{"date":343,"score":105,"percentile":344},"2026-01-23",0.13716,{"date":346,"score":105,"percentile":347},"2026-01-24",0.13761,{"date":349,"score":105,"percentile":350},"2026-01-25",0.13701,{"date":352,"score":105,"percentile":353},"2026-01-26",0.13633,{"date":355,"score":105,"percentile":356},"2026-01-27",0.1363,{"date":358,"score":105,"percentile":359},"2026-01-28",0.13637,{"date":361,"score":105,"percentile":362},"2026-01-29",0.13615,{"date":364,"score":105,"percentile":365},"2026-01-30",0.13622,{"date":367,"score":105,"percentile":368},"2026-01-31",0.13628,{"date":370,"score":105,"percentile":371},"2026-02-01",0.1364,[373,383],{"source":65,"cvss_v2_0":374,"cvss_v3_0":9,"cvss_v3_1":379,"cvss_v4_0":9},{"baseScore":375,"baseSeverity":9,"vectorString":376,"impactScore":377,"exploitabilityScore":378},4.3,"AV:N/AC:M/Au:N/C:N/I:P/A:N",2.9,8.6,{"baseScore":63,"baseSeverity":380,"vectorString":66,"impactScore":381,"exploitabilityScore":382},"MEDIUM",6,7.2,{"source":72,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":384,"cvss_v4_0":9},{"baseScore":375,"baseSeverity":9,"vectorString":385,"impactScore":386,"exploitabilityScore":382},"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",2.3,[388,400,408],{"ecosystem":9,"name":389,"vendor":390,"product":391,"cpe_part":392,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":393},"Jenkins Blue Ocean Plugin","jenkins project","jenkins blue ocean plugin","a",[394],{"version":395,"is_range":396,"range_type":71,"version_start":397,"version_start_type":398,"version_end":399,"version_end_type":398,"fixed_in":9},">= unspecified, \u003C= 1.25.3",true,"unspecified","including","1.25.3",{"ecosystem":9,"name":401,"vendor":402,"product":403,"cpe_part":392,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":404},"blue ocean","jenkins","blue_ocean",[405],{"version":406,"is_range":396,"range_type":407,"version_start":9,"version_start_type":9,"version_end":399,"version_end_type":398,"fixed_in":9},"lte1.25.3","cpe",{"ecosystem":409,"name":410,"vendor":411,"product":412,"cpe_part":9,"purl_type":413,"purl_namespace":411,"purl_name":412,"source":9,"versions":414},"Maven","io.jenkins.blueocean:blueocean-parent","io.jenkins.blueocean","blueocean-parent","maven",[415],{"version":416,"is_range":396,"range_type":417,"version_start":9,"version_start_type":9,"version_end":418,"version_end_type":419,"fixed_in":9},"lt1_25_4","ecosystem","1.25.4","excluding"]