jenkins
1,798 tracked vulnerabilities.
CVE-2023-30520
MEDIUM
Jenkins Quay.io trigger Plugin <= 0.1 - Stored Cross-Site Scripting via Repository Homepage URL
Apr 12, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-30519
MEDIUM
Jenkins Quay.io trigger Plugin 0.1 - Unauthenticated Missing Authorization
Apr 12, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-30518
MEDIUM
Jenkins Thycotic Secret Server Plugin < 1.0.2 - Missing Authorization for Credential ID Enumeration
Apr 12, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-30517
MEDIUM
Jenkins NeuVector Vulnerability Scanner < 1.22 - Improper Certificate Validation
Apr 12, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-30516
MEDIUM
Jenkins Image Tag Parameter Plugin < 2.0 - Improper Certificate Validation
Apr 12, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-30515
HIGH
Jenkins Thycotic DevOps Secrets Vault Plugin < 1.0.0 - Cleartext Transmission of Sensitive Information in Build Log
Apr 12, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-30514
HIGH
Jenkins Azure Key Vault Plugin < 187.va_cd5fecd198a - Credential Exposure in Build Log
Apr 12, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-30513
HIGH
Jenkins Kubernetes Plugin < 3909.v1f2c633e8590 - Cleartext Transmission of Sensitive Information in Build Log
Apr 12, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-28684
MEDIUM
Jenkins remote-jobs-view-plugin <0.0.3 - XXE
Apr 02, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-28683
HIGH
Jenkins Phabricator Differential Plugin <2.1.5 - XXE
Apr 02, 2023
CVSS 8.2
EPSS 0.01
CVE-2023-28682
HIGH
Jenkins Performance Publisher Plugin <8.09 - XXE
Apr 02, 2023
CVSS 8.2
EPSS 0.01
CVE-2023-28681
HIGH
Jenkins Visual Studio Code Metrics Plugin <1.7 - XXE
Apr 02, 2023
CVSS 8.2
EPSS 0.01
CVE-2023-28680
HIGH
Jenkins Crap4J Plugin < 0.9 - XML External Entity Injection
Apr 02, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-28679
MEDIUM
Jenkins Mashup Portlets Plugin <1.1.2 - XSS
Apr 02, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-28678
MEDIUM
Jenkins Cppcheck Plugin <1.26 - XSS
Apr 02, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-28677
CRITICAL
Jenkins Convert To Pipeline Plugin <1.0 - RCE
Apr 02, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-28676
HIGH
Jenkins Convert To Pipeline Plugin <1.0 - CSRF
Apr 02, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-28675
MEDIUM
Jenkins OctoPerf Load Testing Plugin <4.5.2 - Privilege Escalation
Apr 02, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-28674
HIGH
Jenkins OctoPerf Load Testing Plugin <4.5.2 - CSRF
Apr 02, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-28673
MEDIUM
Jenkins OctoPerf Load Testing Plugin <4.5.2 - Info Disclosure
Apr 02, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-28672
MEDIUM
Jenkins OctoPerf Load Testing Plugin <4.5.1 - Auth Bypass
Apr 02, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-28671
MEDIUM
Jenkins OctoPerf Load Testing Plugin <4.5.0 - CSRF
Apr 02, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-28670
MEDIUM
Jenkins Pipeline Aggregator View Plugin <1.13 - XSS
Apr 02, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-28669
MEDIUM
Jenkins JaCoCo Plugin < 3.3.2 - Stored Cross-Site Scripting via Unescaped Class and Method Names
Apr 02, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-28668
CRITICAL
Jenkins Role-based Authorization Strategy Plugin <587.v2872c41fa_e5...
Apr 02, 2023
CVSS 9.8
EPSS 0.01
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters