jenkins

1,798 tracked vulnerabilities.

CVE-2023-37958 HIGH
Jenkins Sumologic Publisher Plugin < 2.2.1 - Cross-Site Request Forgery
Jul 12, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-37957 HIGH
Jenkins Pipeline restFul API Plugin < 0.11 - Cross-Site Request Forgery
Jul 12, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-37956 MEDIUM
Jenkins Test Results Aggregator Plugin < 1.2.13 - Server-Side Request Forgery via Unauthorized URL Connection
Jul 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-37955 MEDIUM
Jenkins Test Results Aggregator < 1.2.13 - Cross-Site Request Forgery
Jul 12, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-37954 MEDIUM
Jenkins Rebuilder < 320.v5a_0933a_e7d61 - Cross-Site Request Forgery
Jul 12, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-37953 MEDIUM
Jenkins mabl Plugin < 0.0.46 - Missing Authorization for Credential Capture via URL Connection
Jul 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-37952 MEDIUM
Jenkins mabl Plugin < 0.0.46 - Cross-Site Request Forgery via Credential Capture
Jul 12, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-37951 MEDIUM
Jenkins mabl Plugin < 0.0.46 - Insufficiently Protected Credentials
Jul 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-37950 MEDIUM
Jenkins mabl < 0.0.47 - Missing Authorization for Credential ID Enumeration
Jul 12, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-37949 HIGH
Jenkins Orka by MacStadium Plugin < 1.34 - Missing Authorization for Credential Capture via URL Connection
Jul 12, 2023
CVSS 7.1
EPSS 0.01
CVE-2023-37948 LOW
Jenkins Oracle Cloud Infrastructure Compute Plugin < 1.0.17 - Man-in-the-Middle via Unvalidated SSH Host Keys
Jul 12, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-37947 MEDIUM
Jenkins OpenShift Login Plugin < 1.1.0.230.v5d7030b_f5432 - Open Redirect
Jul 12, 2023
CVSS 6.1
EPSS 0.01
CVE-2023-37946 HIGH
Jenkins OpenShift Login Plugin <1.1.0.227.v27e08dfb_1a_20 - Info Di...
Jul 12, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-37945 MEDIUM
Jenkins SAML Single Sign On Plugin 2.1.0-2.3.0 - Missing Authorization
Jul 12, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-37944 MEDIUM
Jenkins Datadog Plugin < 5.4.2 - Missing Authorization for Credential Capture via URL Connection
Jul 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-37943 MEDIUM
Jenkins Active Directory Plugin < 2.30 - Unauthenticated Sensitive Data Exposure via Unencrypted Connection Test
Jul 12, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-37942 MEDIUM
Jenkins External Monitor Job Type Plugin < 206.v9a_94ff0b_4a_10 - XML External Entity Injection
Jul 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-3315 MEDIUM
Jenkins Team Concert Plugin <2.4.1 - Info Disclosure
Jun 19, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-35149 MEDIUM
Jenkins Digital.ai App Management Publisher Plugin < 2.6 - Missing Authorization
Jun 14, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-35148 MEDIUM
Jenkins Digital.ai App Management Publisher < 2.6 - Cross-Site Request Forgery
Jun 14, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-35147 MEDIUM
Jenkins AWS CodeCommit Trigger Plugin <= 3.0.12 - Arbitrary File Read via SQS Queue Name Path Parameter
Jun 14, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-35146 MEDIUM
Jenkins Template Workflows Plugin < 41.v32d86a_313b_4a - Stored Cross-Site Scripting via Job Names
Jun 14, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-35145 MEDIUM
Jenkins Sonargraph Integration Plugin < 5.0.1 - Stored Cross-Site Scripting in Log File Field Form Validation
Jun 14, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-35144 MEDIUM
Jenkins Maven Repository Server Plugin < 1.10 - Stored Cross-Site Scripting in Build Artifacts Page
Jun 14, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-35143 MEDIUM
Jenkins Maven Repository Server Plugin < 1.10 - Stored Cross-Site Scripting in Build Artifacts Page
Jun 14, 2023
CVSS 5.4
EPSS 0.01