jenkins
1,798 tracked vulnerabilities.
CVE-2023-24429
CRITICAL
Jenkins Semantic Versioning Plugin <1.14 - SSRF
Jan 26, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-24428
MEDIUM
Jenkins Bitbucket OAuth Plugin <0.12 - CSRF
Jan 26, 2023
CVSS 5.7
EPSS 0.00
CVE-2023-24427
CRITICAL
Jenkins Bitbucket OAuth Plugin <0.12 - Auth Bypass
Jan 26, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-24426
HIGH
Jenkins Azure AD Plugin <303.va_91ef20ee49f - Auth Bypass
Jan 26, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-24425
MEDIUM
Jenkins Kubernetes Credentials Provider Plugin <1.208 - Privilege E...
Jan 26, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-24424
HIGH
Jenkins OpenId Connect Authentication Plugin <2.4 - Auth Bypass
Jan 26, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-24423
MEDIUM
Jenkins Gerrit Trigger Plugin <2.38.0 - CSRF
Jan 26, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-24422
HIGH
Jenkins Script Security Plugin <1228.vd93135a_2fb_25 - Sandbox Bypass via Map Constructors
Jan 26, 2023
CVSS 8.8
EPSS 0.01
CVE-2022-46688
MEDIUM
Jenkins Sonar Gerrit Plugin <377.v8f3808963dc5 - CSRF
Dec 12, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-46687
MEDIUM
Jenkins Spring Config Plugin <2.0.0 - XSS
Dec 12, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-46686
MEDIUM
Jenkins Custom Build Properties Plugin <2.79 - XSS
Dec 12, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-46684
MEDIUM
Jenkins Checkmarx Plugin <2022.3.3 - XSS
Dec 12, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-46683
MEDIUM
Jenkins Google Login Plugin <1.7 - Open Redirect
Dec 12, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-46682
CRITICAL
Jenkins Plot Plugin < 2.1.12 - XML External Entity Injection
Dec 12, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-45401
MEDIUM
Jenkins Associated Files Plugin < 0.2.1 - Stored Cross-Site Scripting via Unescaped File Names
Nov 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-45400
CRITICAL
Jenkins JAPEX Plugin < 1.7 - XML External Entity Injection
Nov 15, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-45399
MEDIUM
Jenkins Cluster Statistics Plugin < 0.4.6 - Missing Authorization
Nov 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-45398
MEDIUM
Jenkins Cluster Statistics Plugin < 0.4.6 - Cross-Site Request Forgery
Nov 15, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-45397
CRITICAL
Jenkins OSF Builder Suite : : XML Linter Plugin < 1.0.2 - XML External Entity Injection
Nov 15, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-45396
CRITICAL
Jenkins SourceMonitor Plugin < 0.2 - XML External Entity Injection
Nov 15, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-45395
CRITICAL
Jenkins CCCC Plugin < 0.6 - XML External Entity Injection
Nov 15, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-45394
MEDIUM
Jenkins Delete log Plugin < 1.0 - Missing Authorization for Build Log Deletion
Nov 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-45393
LOW
Jenkins Delete log Plugin < 1.0 - Cross-Site Request Forgery
Nov 15, 2022
CVSS 3.5
EPSS 0.00
CVE-2022-45392
MEDIUM
Jenkins NS-ND Integration Performance Publisher < 4.8.0.146 - Insufficiently Protected Credentials in Job Config Files
Nov 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-45391
HIGH
Jenkins NS-ND Integration Performance Publisher Plugin < 4.8.0.146 - Improper Certificate Validation
Nov 15, 2022
CVSS 7.5
EPSS 0.00
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters