jenkins

1,755 tracked vulnerabilities.

CVE-2022-45397 CRITICAL
Jenkins OSF Builder Suite : : XML Linter Plugin < 1.0.2 - XML External Entity Injection
Nov 15, 2022
CVSS 9.8
EPSS 0.03
CVE-2022-45396 CRITICAL
Jenkins SourceMonitor Plugin < 0.2 - XML External Entity Injection
Nov 15, 2022
CVSS 9.8
EPSS 0.03
CVE-2022-45395 CRITICAL
Jenkins CCCC Plugin < 0.6 - XML External Entity Injection
Nov 15, 2022
CVSS 9.8
EPSS 0.05
CVE-2022-45394 MEDIUM
Jenkins Delete log Plugin < 1.0 - Missing Authorization for Build Log Deletion
Nov 15, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-45393 LOW
Jenkins Delete log Plugin < 1.0 - Cross-Site Request Forgery
Nov 15, 2022
CVSS 3.5
EPSS 0.00
CVE-2022-45392 MEDIUM
Jenkins NS-ND Integration Performance Publisher < 4.8.0.146 - Insufficiently Protected Credentials in Job Config Files
Nov 15, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-45391 HIGH
Jenkins NS-ND Integration Performance Publisher Plugin < 4.8.0.146 - Improper Certificate Validation
Nov 15, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-45390 MEDIUM
Jenkins loader.io < 1.0.1 - Missing Authorization for Credential ID Enumeration
Nov 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-45389 MEDIUM
Jenkins XP-Dev Plugin < 1.0 - Unauthenticated Build Trigger via Repository Specification
Nov 15, 2022
CVSS 5.3
EPSS 0.02
CVE-2022-45388 HIGH
Jenkins Config Rotator Plugin < 2.0.1 - Unauthenticated Arbitrary File Read via File Name Query Parameter
Nov 15, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-45387 MEDIUM
Jenkins BART Plugin < 1.0.3 - Stored Cross-Site Scripting in Build Log Renderer
Nov 15, 2022
CVSS 5.4
EPSS 0.05
CVE-2022-45386 MEDIUM
Jenkins Violations Plugin < 0.7.11 - XML External Entity Injection
Nov 15, 2022
CVSS 5.5
EPSS 0.02
CVE-2022-45385 HIGH
Jenkins CloudBees Docker Hub/Registry Notification Plugin < 2.6.2.1 - Unauthenticated Build Trigger
Nov 15, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-45384 MEDIUM
Jenkins Reverse Proxy Auth Plugin <= 1.7.3 - Insufficiently Protected Credentials in LDAP Manager Password Storage
Nov 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-45383 MEDIUM
Jenkins Support Core Plugin < 1206.1208.v9b_7a_1d48db_0f - Incorrect Authorization
Nov 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-45382 MEDIUM
Jenkins Naginator Plugin < 1.18.2 - Stored Cross-Site Scripting via Build Display Name
Nov 15, 2022
CVSS 5.4
EPSS 0.09
CVE-2022-45381 HIGH
Jenkins Pipeline Utility Steps < 2.13.2 - Arbitrary File Read via Apache Commons Configuration Interpolator
Nov 15, 2022
CVSS 8.1
EPSS 0.00
CVE-2022-45380 MEDIUM
Jenkins JUnit Plugin < 1160.vf1f01a_a_ea_b_7f - Stored Cross-Site Scripting via Test Report URL Conversion
Nov 15, 2022
CVSS 5.4
EPSS 0.02
CVE-2022-45379 HIGH
Jenkins Script Security Plugin < 1190.v65867a_a_47126 - Inadequate Encryption Strength via SHA-1 Hash Collision
Nov 15, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-38666 HIGH
Jenkins NS-ND Integration Performance Publisher Plugin <4.8.0.146 -...
Nov 15, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-43435 MEDIUM
Jenkins 360 FireLine Plugin <1.7.2 - Info Disclosure
Oct 19, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-43434 MEDIUM
Jenkins NeuVector Vuln Scanner <1.20 - Info Disclosure
Oct 19, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-43433 MEDIUM
Jenkins ScreenRecorder Plugin <0.7 - Info Disclosure
Oct 19, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-43432 MEDIUM
Jenkins XFramium Builder Plugin <1.0.22 - XSS
Oct 19, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-43431 MEDIUM
Jenkins Compuware Strobe Measurement Plugin <1.0.1 - Info Disclosure
Oct 19, 2022
CVSS 4.3
EPSS 0.01
Products
jenkins 259 pipeline\ 37 script_security 33 blue_ocean 11 git 11 email_extension 10 active_directory 9 build_failure_analyzer 9 config_file_provider 9 configuration_as_code 9 ns-nd_integration_performance_publisher 8 credentials_binding 7 github_branch_source 7 html_publisher 7 kubernetes 7 openid_connect_authentication 7 openshift_deployer 7 rundeck 7 subversion 7 amazon_ec2 6 azure_ad 6 azure_vm_agents 6 deployment_dashboard 6 electricflow 6 gerrit_trigger 6 github 6 github_pull_request_builder 6 gitlab 6 google_compute_engine 6 hashicorp_vault 6
Quick Filters
Critical CVEs With Exploits In CISA KEV