jenkins

1,798 tracked vulnerabilities.

CVE-2023-40345 MEDIUM
Jenkins Delphix Plugin < 3.0.2 - Insufficiently Protected Credentials via Credentials Lookup
Aug 16, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-40344 MEDIUM
Jenkins Delphix Plugin < 3.0.2 - Credential ID Enumeration via Missing Permission Check
Aug 16, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-40343 MEDIUM
Jenkins Tuleap Authentication Plugin < 1.1.20 - Authentication Token Timing Attack
Aug 16, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-40342 MEDIUM
Jenkins Flaky Test Handler Plugin < 1.2.2 - Stored Cross-Site Scripting via JUnit Test Contents
Aug 16, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-40341 HIGH
Jenkins Blue Ocean < 1.27.5 - Cross-Site Request Forgery
Aug 16, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-40340 HIGH
Jenkins NodeJS Plugin <1.6.0 - Info Disclosure
Aug 16, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-40339 HIGH
Jenkins Config File Provider Plugin <va_544a_6234b_46 - Info Disclo...
Aug 16, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-40338 MEDIUM
Jenkins Folders Plugin < 6.846.v23698686f0f6 - Information Exposure via Scan Organization Folder Log Error Message
Aug 16, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-40337 MEDIUM
Jenkins Folders Plugin < 6.846.v23698686f0f6 - Cross-Site Request Forgery
Aug 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-40336 HIGH
Jenkins Folders Plugin < 6.846.v23698686f0f6 - Cross-Site Request Forgery
Aug 16, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-3442 HIGH
Jenkins ServiceNow DevOps < 1.38.1 - Missing Authorization
Jul 26, 2023
CVSS 7.7
EPSS 0.01
CVE-2023-3414 MEDIUM
Jenkins ServiceNow DevOps < 1.38.1 - Cross-Site Request Forgery
Jul 26, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-39156 MEDIUM
Jenkins Bazaar Plugin < 1.22 - Cross-Site Request Forgery via SCM Tag Deletion
Jul 26, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-39155 MEDIUM
Jenkins Chef Identity Plugin <2.0.3 - Info Disclosure
Jul 26, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-39154 MEDIUM
Jenkins Qualys Web App Scanning Connector < 2.0.10 - Incorrect Authorization via URL Connection
Jul 26, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-39153 MEDIUM
Jenkins GitLab Auth Plugin <1.17.1 - CSRF
Jul 26, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-39152 MEDIUM
Jenkins Gradle Plugin 2.8 - Info Disclosure
Jul 26, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-39151 MEDIUM
Jenkins < 2.415, LTS < 2.401.2 - Stored Cross-Site Scripting via Build Log URL Hyperlinks
Jul 26, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-37965 HIGH
Jenkins ElasticBox CI Plugin < 5.0.1 - Missing Authorization
Jul 12, 2023
CVSS 7.1
EPSS 0.01
CVE-2023-37964 HIGH
Jenkins ElasticBox CI Plugin < 5.0.1 - Cross-Site Request Forgery
Jul 12, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-37963 MEDIUM
Jenkins Benchmark Evaluator Plugin < 1.0.1 - Missing Authorization
Jul 12, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-37962 HIGH
Jenkins Benchmark Evaluator Plugin < 1.0.1 - Cross-Site Request Forgery
Jul 12, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-37961 HIGH
Jenkins Assembla Auth Plugin < 1.14 - Cross-Site Request Forgery
Jul 12, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-37960 MEDIUM
Jenkins MathWorks Polyspace Plugin < 1.0.5 - Arbitrary File Read via Email Attachment
Jul 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-37959 MEDIUM
Jenkins Sumologic Publisher Plugin < 2.2.1 - Missing Authorization
Jul 12, 2023
CVSS 6.5
EPSS 0.01