jenkins
1,798 tracked vulnerabilities.
CVE-2023-35142
HIGH
Jenkins Checkmarx Plugin < 2023.4.3 - Improper Certificate Validation
Jun 14, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-35141
HIGH
Jenkins < 2.400 - Cross-Site Request Forgery via Context Menu URL
Jun 14, 2023
CVSS 8.0
EPSS 0.01
CVE-2023-2631
MEDIUM
Jenkins Code Dx Plugin <3.1.0 - SSRF
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-2195
MEDIUM
Jenkins Code Dx Plugin <3.1.0 - CSRF
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-2633
MEDIUM
Jenkins Code Dx Plugin <3.1.0 - Info Disclosure
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-2632
MEDIUM
Jenkins Code Dx Plugin <3.1.0 - Info Disclosure
May 16, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-2196
MEDIUM
Jenkins Code Dx Plugin <3.1.0 - Info Disclosure
May 16, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-33007
MEDIUM
Jenkins LoadComplete support Plugin <= 1.0 - Stored Cross-Site Scripting in LoadComplete Test Name
May 16, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-33006
MEDIUM
Jenkins WSO2 Oauth Plugin < 1.0 - Cross-Site Request Forgery
May 16, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-33005
MEDIUM
Jenkins WSO2 Oauth Plugin < 1.0 - Insufficient Session Expiration
May 16, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-33004
MEDIUM
Jenkins Tag Profiler Plugin < 0.2 - Unauthenticated Statistics Reset via Missing Permission Check
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-33003
MEDIUM
Jenkins Tag Profiler Plugin < 0.2 - Cross-Site Request Forgery
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-33002
MEDIUM
Jenkins TestComplete support Plugin < 2.8.1 - Stored Cross-Site Scripting via TestComplete Project Name
May 16, 2023
CVSS 5.4
EPSS 0.02
CVE-2023-33001
HIGH
Jenkins HashiCorp Vault Plugin < 360.v0a_1c04cf807d - Credential Exposure in Build Logs via Durable Task Logging
May 16, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-33000
HIGH
Jenkins NS-ND Integration Performance Publisher Plugin <= 4.8.0.149 - Insufficiently Protected Credentials
May 16, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-32999
MEDIUM
Jenkins AppSpider Plugin <= 1.0.15 - Missing Permission Check for HTTP POST Requests
May 16, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-32998
HIGH
Jenkins AppSpider Plugin <= 1.0.15 - Cross-Site Request Forgery via HTTP POST Request
May 16, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-32997
HIGH
Jenkins CAS Plugin <1.6.2 - Auth Bypass
May 16, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-32996
MEDIUM
Jenkins SAML Single Sign-On Plugin < 2.0.0 - Unauthenticated Email Spoofing via miniOrange API
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-32995
HIGH
Jenkins SAML Single Sign On Plugin < 2.0.0 - Cross-Site Request Forgery via Email API
May 16, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-32994
LOW
Jenkins SAML Single Sign On Plugin < 2.1.0 - Improper Certificate Validation
May 16, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-32993
MEDIUM
Jenkins SAML Single Sign On Plugin < 2.0.2 - Insufficient Verification of Data Authenticity via SAML Metadata Retrieval
May 16, 2023
CVSS 4.8
EPSS 0.00
CVE-2023-32992
HIGH
Jenkins SAML Single Sign On Plugin < 2.0.2 - Server-Side Request Forgery and XML External Entity Injection
May 16, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-32991
HIGH
Jenkins SAML Single Sign On Plugin < 2.0.2 - Cross-Site Request Forgery
May 16, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-32990
MEDIUM
Jenkins Azure VM Agents Plugin < 852.v8d35f0960a_43 - Missing Permission Check for Azure Cloud Server Connection
May 16, 2023
CVSS 6.5
EPSS 0.01
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters