jenkins
1,798 tracked vulnerabilities.
CVE-2022-36905
MEDIUM
Jenkins Maven Metadata Plugin < 2.2 - Stored Cross-Site Scripting via Repository Base URL
Jul 27, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-36904
MEDIUM
Jenkins Repository Connector < 2.2.0 - Missing Authorization for File Path Existence Check
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36903
MEDIUM
Jenkins Repository Connector < 2.2.0 - Missing Authorization for Credential ID Enumeration
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36902
MEDIUM
Jenkins Dynamic Extended Choice Parameter Plugin <=1.0.1 - Stored XSS
Jul 27, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-36901
MEDIUM
Jenkins HTTP Request Plugin < 1.15 - Insufficiently Protected Credentials
Jul 27, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-36900
HIGH
Jenkins Compuware zAdviser API Plugin <1.0.3 - Privilege Escalation
Jul 27, 2022
CVSS 8.2
EPSS 0.01
CVE-2022-36899
HIGH
Jenkins Compuware ISPW Ops Plug <1.0.8 - Privilege Escalation
Jul 27, 2022
CVSS 8.2
EPSS 0.01
CVE-2022-36898
MEDIUM
Jenkins Compuware ISPW Operations Plugin < 1.0.8 - Missing Authorization
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36897
MEDIUM
Jenkins Compuware Xpediter Code Coverage Plugin < 1.0.7 - Missing Authorization
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36896
MEDIUM
Jenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin < 2.0.12 - Missing Authorization
Jul 27, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-36895
MEDIUM
Jenkins Compuware Topaz Utilities Plugin < 1.0.8 - Missing Authorization
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36894
MEDIUM
Jenkins CLIF Performance Testing Plugin <64 - File Write
Jul 27, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-36893
MEDIUM
Jenkins rpmsign-plugin < 0.5.0 - Missing Authorization in Form Validation
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36892
MEDIUM
Jenkins rhnpush-plugin < 0.5.1 - Missing Authorization in Form Validation
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36891
MEDIUM
Jenkins Deployer Framework Plugin < 85.v1d1888e8c021 - Missing Authorization for Deployment Logs
Jul 27, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-36890
MEDIUM
Jenkins Deployer Framework Plugin < 85.v1d1888e8c021 - Path Traversal via Form Validation
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36889
HIGH
Jenkins Deployer Framework Plugin < 85.v1d1888e8c021 - Arbitrary File Upload via Application Path Configuration
Jul 27, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-36888
MEDIUM
Jenkins HashiCorp Vault Plugin < 354.vdb_858fd6b_f48 - Missing Authorization for Vault Credential Access
Jul 27, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-36887
MEDIUM
Jenkins Job Configuration History Plugin < 1155.v28a_46a_cc06a_5 - Cross-Site Request Forgery
Jul 27, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-36886
MEDIUM
Jenkins External Monitor Job Type Plugin < 191.v363d0d1efdf8 - Cross-Site Request Forgery
Jul 27, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-36885
MEDIUM
Jenkins GitHub Plugin < 1.34.4 - Timing Attack via Webhook Signature Comparison
Jul 27, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-36884
MEDIUM
Jenkins Git Plugin < 4.11.3 - Unauthenticated Information Disclosure via Webhook Endpoint
Jul 27, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-36883
HIGH
NUCLEI
Jenkins Git Plugin < 4.11.3 - Unauthenticated Build Trigger and Arbitrary Repository Checkout
Jul 27, 2022
CVSS 7.5
EPSS 0.06
CVE-2022-36882
HIGH
Jenkins Git Plugin < 4.11.3 - Cross-Site Request Forgery
Jul 27, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-36881
HIGH
Jenkins Git client Plugin <= 3.11.0 - SSH Host Key Verification Bypass
Jul 27, 2022
CVSS 8.1
EPSS 0.01
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters