jenkins

1,798 tracked vulnerabilities.

CVE-2023-24429 CRITICAL
Jenkins Semantic Versioning Plugin <1.14 - SSRF
Jan 26, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-24428 MEDIUM
Jenkins Bitbucket OAuth Plugin <0.12 - CSRF
Jan 26, 2023
CVSS 5.7
EPSS 0.00
CVE-2023-24427 CRITICAL
Jenkins Bitbucket OAuth Plugin <0.12 - Auth Bypass
Jan 26, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-24426 HIGH
Jenkins Azure AD Plugin <303.va_91ef20ee49f - Auth Bypass
Jan 26, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-24425 MEDIUM
Jenkins Kubernetes Credentials Provider Plugin <1.208 - Privilege E...
Jan 26, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-24424 HIGH
Jenkins OpenId Connect Authentication Plugin <2.4 - Auth Bypass
Jan 26, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-24423 MEDIUM
Jenkins Gerrit Trigger Plugin <2.38.0 - CSRF
Jan 26, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-24422 HIGH
Jenkins Script Security Plugin <1228.vd93135a_2fb_25 - Sandbox Bypass via Map Constructors
Jan 26, 2023
CVSS 8.8
EPSS 0.01
CVE-2022-46688 MEDIUM
Jenkins Sonar Gerrit Plugin <377.v8f3808963dc5 - CSRF
Dec 12, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-46687 MEDIUM
Jenkins Spring Config Plugin <2.0.0 - XSS
Dec 12, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-46686 MEDIUM
Jenkins Custom Build Properties Plugin <2.79 - XSS
Dec 12, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-46684 MEDIUM
Jenkins Checkmarx Plugin <2022.3.3 - XSS
Dec 12, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-46683 MEDIUM
Jenkins Google Login Plugin <1.7 - Open Redirect
Dec 12, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-46682 CRITICAL
Jenkins Plot Plugin < 2.1.12 - XML External Entity Injection
Dec 12, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-45401 MEDIUM
Jenkins Associated Files Plugin < 0.2.1 - Stored Cross-Site Scripting via Unescaped File Names
Nov 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-45400 CRITICAL
Jenkins JAPEX Plugin < 1.7 - XML External Entity Injection
Nov 15, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-45399 MEDIUM
Jenkins Cluster Statistics Plugin < 0.4.6 - Missing Authorization
Nov 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-45398 MEDIUM
Jenkins Cluster Statistics Plugin < 0.4.6 - Cross-Site Request Forgery
Nov 15, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-45397 CRITICAL
Jenkins OSF Builder Suite : : XML Linter Plugin < 1.0.2 - XML External Entity Injection
Nov 15, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-45396 CRITICAL
Jenkins SourceMonitor Plugin < 0.2 - XML External Entity Injection
Nov 15, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-45395 CRITICAL
Jenkins CCCC Plugin < 0.6 - XML External Entity Injection
Nov 15, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-45394 MEDIUM
Jenkins Delete log Plugin < 1.0 - Missing Authorization for Build Log Deletion
Nov 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-45393 LOW
Jenkins Delete log Plugin < 1.0 - Cross-Site Request Forgery
Nov 15, 2022
CVSS 3.5
EPSS 0.00
CVE-2022-45392 MEDIUM
Jenkins NS-ND Integration Performance Publisher < 4.8.0.146 - Insufficiently Protected Credentials in Job Config Files
Nov 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-45391 HIGH
Jenkins NS-ND Integration Performance Publisher Plugin < 4.8.0.146 - Improper Certificate Validation
Nov 15, 2022
CVSS 7.5
EPSS 0.00