jenkins

1,798 tracked vulnerabilities.

CVE-2023-32989 HIGH
Jenkins Azure VM Agents Plugin < 852.v8d35f0960a_43 - Cross-Site Request Forgery
May 16, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-32988 MEDIUM
Jenkins Azure VM Agents Plugin < 852.v8d35f0960a_43 - Credential ID Enumeration via Missing Permission Check
May 16, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-32987 HIGH
Jenkins Reverse Proxy Auth Plugin < 1.7.4 - Cross-Site Request Forgery
May 16, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-32986 HIGH
Jenkins File Parameter Plugin < 285.287.v4b_7b_29d3469d - Arbitrary File Write via Stashed File Parameter Name
May 16, 2023
CVSS 8.8
EPSS 0.61
CVE-2023-32985 MEDIUM
Jenkins Sidebar Link Plugin < 2.2.1 - Path Traversal via Form Validation
May 16, 2023
CVSS 4.3
EPSS 0.72
CVE-2023-32984 MEDIUM
Jenkins TestNG Results Plugin < 730.v4c5283037693 - Stored Cross-Site Scripting via TestNG Report File Parsing
May 16, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-32983 MEDIUM
Jenkins Ansible Plugin < 204.v8191fd551eb_f - Cleartext Storage of Sensitive Information in Configuration Form
May 16, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-32982 MEDIUM
Jenkins Ansible Plugin < 204.v8191fd551eb_f - Cleartext Storage of Sensitive Information in Job config.xml
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-32981 HIGH
Jenkins Pipeline Utility Steps < 2.15.2 - Arbitrary File Write via Crafted Archive Parameter
May 16, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-32980 MEDIUM
Jenkins Email Extension Plugin < 2.96 - Cross-Site Request Forgery
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-32979 MEDIUM
Jenkins Email Extension Plugin < 2.96 - Unauthenticated File Existence Disclosure via Form Validation
May 16, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-32978 MEDIUM
Jenkins LDAP Plugin < 673.v034ec70ec2b_b - Cross-Site Request Forgery
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-32977 MEDIUM
Jenkins Pipeline: Job Plugin < 1292.v27d8cc3e2602 - Stored Cross-Site Scripting via Build Display Name
May 16, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-30532 MEDIUM
Jenkins TurboScript < 1.3 - Missing Authorization for Build Triggering
Apr 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-30531 MEDIUM
Jenkins Consul KV Builder Plugin < 2.0.13 - Cleartext Storage of Sensitive Information
Apr 12, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-30530 MEDIUM
Jenkins Consul KV Builder Plugin <= 2.0.13 - Cleartext Storage of Sensitive Information
Apr 12, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-30529 MEDIUM
Jenkins Lucene-Search Plugin < 387.v938a_ecb_f7fe9 - Cross-Site Request Forgery
Apr 12, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-30528 MEDIUM
Jenkins WSO2 Oauth Plugin <= 1.0 - Cleartext Storage of Sensitive Information in Global Configuration Form
Apr 12, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-30527 MEDIUM
Jenkins WSO2 Oauth Plugin < 1.0 - Cleartext Storage of Sensitive Information in Global Config
Apr 12, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-30526 MEDIUM
Jenkins Report Portal Plugin < 0.5 - Missing Authorization for URL Connection with Bearer Token
Apr 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-30525 HIGH
Jenkins Report Portal Plugin < 0.5 - Cross-Site Request Forgery
Apr 12, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-30524 MEDIUM
Jenkins Report Portal Plugin <0.5 - Info Disclosure
Apr 12, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-30523 MEDIUM
Jenkins Report Portal Plugin <= 0.5 - Cleartext Storage of Sensitive Information in Job Configuration
Apr 12, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-30522 MEDIUM
Jenkins Fogbugz Plugin < 2.2.17 - Missing Authorization via Jobname Parameter
Apr 12, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-30521 MEDIUM
Jenkins Assembla Merge Request Builder < 1.1.13 - Unauthenticated Build Triggering
Apr 12, 2023
CVSS 5.3
EPSS 0.01