jenkins
1,798 tracked vulnerabilities.
CVE-2023-40345
MEDIUM
Jenkins Delphix Plugin < 3.0.2 - Insufficiently Protected Credentials via Credentials Lookup
Aug 16, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-40344
MEDIUM
Jenkins Delphix Plugin < 3.0.2 - Credential ID Enumeration via Missing Permission Check
Aug 16, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-40343
MEDIUM
Jenkins Tuleap Authentication Plugin < 1.1.20 - Authentication Token Timing Attack
Aug 16, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-40342
MEDIUM
Jenkins Flaky Test Handler Plugin < 1.2.2 - Stored Cross-Site Scripting via JUnit Test Contents
Aug 16, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-40341
HIGH
Jenkins Blue Ocean < 1.27.5 - Cross-Site Request Forgery
Aug 16, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-40340
HIGH
Jenkins NodeJS Plugin <1.6.0 - Info Disclosure
Aug 16, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-40339
HIGH
Jenkins Config File Provider Plugin <va_544a_6234b_46 - Info Disclo...
Aug 16, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-40338
MEDIUM
Jenkins Folders Plugin < 6.846.v23698686f0f6 - Information Exposure via Scan Organization Folder Log Error Message
Aug 16, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-40337
MEDIUM
Jenkins Folders Plugin < 6.846.v23698686f0f6 - Cross-Site Request Forgery
Aug 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-40336
HIGH
Jenkins Folders Plugin < 6.846.v23698686f0f6 - Cross-Site Request Forgery
Aug 16, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-3442
HIGH
Jenkins ServiceNow DevOps < 1.38.1 - Missing Authorization
Jul 26, 2023
CVSS 7.7
EPSS 0.01
CVE-2023-3414
MEDIUM
Jenkins ServiceNow DevOps < 1.38.1 - Cross-Site Request Forgery
Jul 26, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-39156
MEDIUM
Jenkins Bazaar Plugin < 1.22 - Cross-Site Request Forgery via SCM Tag Deletion
Jul 26, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-39155
MEDIUM
Jenkins Chef Identity Plugin <2.0.3 - Info Disclosure
Jul 26, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-39154
MEDIUM
Jenkins Qualys Web App Scanning Connector < 2.0.10 - Incorrect Authorization via URL Connection
Jul 26, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-39153
MEDIUM
Jenkins GitLab Auth Plugin <1.17.1 - CSRF
Jul 26, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-39152
MEDIUM
Jenkins Gradle Plugin 2.8 - Info Disclosure
Jul 26, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-39151
MEDIUM
Jenkins < 2.415, LTS < 2.401.2 - Stored Cross-Site Scripting via Build Log URL Hyperlinks
Jul 26, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-37965
HIGH
Jenkins ElasticBox CI Plugin < 5.0.1 - Missing Authorization
Jul 12, 2023
CVSS 7.1
EPSS 0.01
CVE-2023-37964
HIGH
Jenkins ElasticBox CI Plugin < 5.0.1 - Cross-Site Request Forgery
Jul 12, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-37963
MEDIUM
Jenkins Benchmark Evaluator Plugin < 1.0.1 - Missing Authorization
Jul 12, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-37962
HIGH
Jenkins Benchmark Evaluator Plugin < 1.0.1 - Cross-Site Request Forgery
Jul 12, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-37961
HIGH
Jenkins Assembla Auth Plugin < 1.14 - Cross-Site Request Forgery
Jul 12, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-37960
MEDIUM
Jenkins MathWorks Polyspace Plugin < 1.0.5 - Arbitrary File Read via Email Attachment
Jul 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-37959
MEDIUM
Jenkins Sumologic Publisher Plugin < 2.2.1 - Missing Authorization
Jul 12, 2023
CVSS 6.5
EPSS 0.01
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters