jenkins

1,798 tracked vulnerabilities.

CVE-2023-28685 HIGH
Jenkins AbsInt a³ Plugin <1.1.0 - XXE
Mar 22, 2023
CVSS 7.1
EPSS 0.01
CVE-2023-27905 CRITICAL
Jenkins update-center2 3.13-3.14 - Stored Cross-Site Scripting in Plugin Download Index Page
Mar 10, 2023
CVSS 9.6
EPSS 0.02
CVE-2023-27904 MEDIUM
Jenkins < 2.375.4, 2.376-2.387.1, < 2.394 - Information Exposure via Agent Connection Error Stack Trace
Mar 10, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-27903 MEDIUM
Jenkins < 2.375.4, 2.376-2.387.1, < 2.394 - Unauthenticated Sensitive File Exposure via CLI File Parameter Upload
Mar 10, 2023
CVSS 4.4
EPSS 0.00
CVE-2023-27902 MEDIUM
Jenkins < 2.375.4, 2.376-2.387.1, < 2.394 - Unprotected Temporary Directory Exposure via Job Workspace
Mar 10, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-27901 HIGH
Jenkins < 2.375.4, < 2.394 - Denial of Service via Unlimited Request Parts
Mar 10, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-27900 HIGH
Jenkins < 2.375.4, < 2.394 - Denial of Service via Unlimited Request Parts in MultipartFormDataParser
Mar 10, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-27899 HIGH
Jenkins < 2.375.4, < 2.394, 2.376-2.387.1 - Arbitrary Code Execution via Plugin Upload Temporary File
Mar 10, 2023
CVSS 7.0
EPSS 0.00
CVE-2023-27898 CRITICAL
Jenkins 2.270-2.393 and LTS 2.277.1-2.375.3 - Stored Cross-Site Scripting in Plugin Dependency Version Error Message
Mar 10, 2023
CVSS 9.6
EPSS 0.02
CVE-2023-23850 MEDIUM
Synopsys Jenkins Coverity Plugin <3.0.2 - Info Disclosure
Feb 15, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-23848 MEDIUM
Synopsys Jenkins Coverity Plugin <3.0.2 - Privilege Escalation
Feb 15, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-23847 LOW
Synopsys Jenkins Coverity Plugin <3.0.2 - CSRF
Feb 15, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-25768 MEDIUM
Jenkins Azure Credentials Plugin < 254.v64da_8176c83a - Missing Authorization
Feb 15, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-25767 HIGH
Jenkins Azure Credentials Plugin < 254.v64da_8176c83a - Cross-Site Request Forgery
Feb 15, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-25766 MEDIUM
Jenkins Azure Credentials Plugin < 254.v64da_8176c83a - Missing Authorization for Credential ID Enumeration
Feb 15, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-25765 CRITICAL
Jenkins Email Extension Plugin <2.93 - Code Injection
Feb 15, 2023
CVSS 9.9
EPSS 0.01
CVE-2023-25764 MEDIUM
Jenkins Email Extension Plugin < 2.93.1 - Stored Cross-Site Scripting via Email Template Rendering
Feb 15, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-25763 MEDIUM
Jenkins Email Extension Plugin < 2.93.1 - Stored Cross-Site Scripting in Email Template Fields
Feb 15, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-25762 MEDIUM
Jenkins Pipeline: Build Step Plugin < 2.18 - Stored Cross-Site Scripting via Job Name in Pipeline Snippet Generator
Feb 15, 2023
CVSS 5.4
EPSS 0.81
CVE-2023-25761 MEDIUM
Jenkins JUnit Plugin < 1166.va_436e268e972 - Stored Cross-Site Scripting via Test Case Class Names
Feb 15, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-24459 MEDIUM
Jenkins BearyChat Plugin <3.0.2 - CSRF
Jan 26, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-24458 HIGH
Jenkins BearyChat Plugin <3.0.2 - CSRF
Jan 26, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-24457 MEDIUM
Jenkins Keycloak Auth Plugin <2.3.0 - CSRF
Jan 26, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-24456 CRITICAL
Jenkins Keycloak Authentication Plugin <2.3.0 - Info Disclosure
Jan 26, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-24455 MEDIUM
Jenkins visualexpert Plugin <1.3 - Info Disclosure
Jan 26, 2023
CVSS 4.3
EPSS 0.01