jenkins
1,798 tracked vulnerabilities.
CVE-2023-28685
HIGH
Jenkins AbsInt a³ Plugin <1.1.0 - XXE
Mar 22, 2023
CVSS 7.1
EPSS 0.01
CVE-2023-27905
CRITICAL
Jenkins update-center2 3.13-3.14 - Stored Cross-Site Scripting in Plugin Download Index Page
Mar 10, 2023
CVSS 9.6
EPSS 0.02
CVE-2023-27904
MEDIUM
Jenkins < 2.375.4, 2.376-2.387.1, < 2.394 - Information Exposure via Agent Connection Error Stack Trace
Mar 10, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-27903
MEDIUM
Jenkins < 2.375.4, 2.376-2.387.1, < 2.394 - Unauthenticated Sensitive File Exposure via CLI File Parameter Upload
Mar 10, 2023
CVSS 4.4
EPSS 0.00
CVE-2023-27902
MEDIUM
Jenkins < 2.375.4, 2.376-2.387.1, < 2.394 - Unprotected Temporary Directory Exposure via Job Workspace
Mar 10, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-27901
HIGH
Jenkins < 2.375.4, < 2.394 - Denial of Service via Unlimited Request Parts
Mar 10, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-27900
HIGH
Jenkins < 2.375.4, < 2.394 - Denial of Service via Unlimited Request Parts in MultipartFormDataParser
Mar 10, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-27899
HIGH
Jenkins < 2.375.4, < 2.394, 2.376-2.387.1 - Arbitrary Code Execution via Plugin Upload Temporary File
Mar 10, 2023
CVSS 7.0
EPSS 0.00
CVE-2023-27898
CRITICAL
Jenkins 2.270-2.393 and LTS 2.277.1-2.375.3 - Stored Cross-Site Scripting in Plugin Dependency Version Error Message
Mar 10, 2023
CVSS 9.6
EPSS 0.02
CVE-2023-23850
MEDIUM
Synopsys Jenkins Coverity Plugin <3.0.2 - Info Disclosure
Feb 15, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-23848
MEDIUM
Synopsys Jenkins Coverity Plugin <3.0.2 - Privilege Escalation
Feb 15, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-23847
LOW
Synopsys Jenkins Coverity Plugin <3.0.2 - CSRF
Feb 15, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-25768
MEDIUM
Jenkins Azure Credentials Plugin < 254.v64da_8176c83a - Missing Authorization
Feb 15, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-25767
HIGH
Jenkins Azure Credentials Plugin < 254.v64da_8176c83a - Cross-Site Request Forgery
Feb 15, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-25766
MEDIUM
Jenkins Azure Credentials Plugin < 254.v64da_8176c83a - Missing Authorization for Credential ID Enumeration
Feb 15, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-25765
CRITICAL
Jenkins Email Extension Plugin <2.93 - Code Injection
Feb 15, 2023
CVSS 9.9
EPSS 0.01
CVE-2023-25764
MEDIUM
Jenkins Email Extension Plugin < 2.93.1 - Stored Cross-Site Scripting via Email Template Rendering
Feb 15, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-25763
MEDIUM
Jenkins Email Extension Plugin < 2.93.1 - Stored Cross-Site Scripting in Email Template Fields
Feb 15, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-25762
MEDIUM
Jenkins Pipeline: Build Step Plugin < 2.18 - Stored Cross-Site Scripting via Job Name in Pipeline Snippet Generator
Feb 15, 2023
CVSS 5.4
EPSS 0.81
CVE-2023-25761
MEDIUM
Jenkins JUnit Plugin < 1166.va_436e268e972 - Stored Cross-Site Scripting via Test Case Class Names
Feb 15, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-24459
MEDIUM
Jenkins BearyChat Plugin <3.0.2 - CSRF
Jan 26, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-24458
HIGH
Jenkins BearyChat Plugin <3.0.2 - CSRF
Jan 26, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-24457
MEDIUM
Jenkins Keycloak Auth Plugin <2.3.0 - CSRF
Jan 26, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-24456
CRITICAL
Jenkins Keycloak Authentication Plugin <2.3.0 - Info Disclosure
Jan 26, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-24455
MEDIUM
Jenkins visualexpert Plugin <1.3 - Info Disclosure
Jan 26, 2023
CVSS 4.3
EPSS 0.01
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters