jenkins

1,798 tracked vulnerabilities.

CVE-2022-36905 MEDIUM
Jenkins Maven Metadata Plugin < 2.2 - Stored Cross-Site Scripting via Repository Base URL
Jul 27, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-36904 MEDIUM
Jenkins Repository Connector < 2.2.0 - Missing Authorization for File Path Existence Check
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36903 MEDIUM
Jenkins Repository Connector < 2.2.0 - Missing Authorization for Credential ID Enumeration
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36902 MEDIUM
Jenkins Dynamic Extended Choice Parameter Plugin <=1.0.1 - Stored XSS
Jul 27, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-36901 MEDIUM
Jenkins HTTP Request Plugin < 1.15 - Insufficiently Protected Credentials
Jul 27, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-36900 HIGH
Jenkins Compuware zAdviser API Plugin <1.0.3 - Privilege Escalation
Jul 27, 2022
CVSS 8.2
EPSS 0.01
CVE-2022-36899 HIGH
Jenkins Compuware ISPW Ops Plug <1.0.8 - Privilege Escalation
Jul 27, 2022
CVSS 8.2
EPSS 0.01
CVE-2022-36898 MEDIUM
Jenkins Compuware ISPW Operations Plugin < 1.0.8 - Missing Authorization
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36897 MEDIUM
Jenkins Compuware Xpediter Code Coverage Plugin < 1.0.7 - Missing Authorization
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36896 MEDIUM
Jenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin < 2.0.12 - Missing Authorization
Jul 27, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-36895 MEDIUM
Jenkins Compuware Topaz Utilities Plugin < 1.0.8 - Missing Authorization
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36894 MEDIUM
Jenkins CLIF Performance Testing Plugin <64 - File Write
Jul 27, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-36893 MEDIUM
Jenkins rpmsign-plugin < 0.5.0 - Missing Authorization in Form Validation
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36892 MEDIUM
Jenkins rhnpush-plugin < 0.5.1 - Missing Authorization in Form Validation
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36891 MEDIUM
Jenkins Deployer Framework Plugin < 85.v1d1888e8c021 - Missing Authorization for Deployment Logs
Jul 27, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-36890 MEDIUM
Jenkins Deployer Framework Plugin < 85.v1d1888e8c021 - Path Traversal via Form Validation
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36889 HIGH
Jenkins Deployer Framework Plugin < 85.v1d1888e8c021 - Arbitrary File Upload via Application Path Configuration
Jul 27, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-36888 MEDIUM
Jenkins HashiCorp Vault Plugin < 354.vdb_858fd6b_f48 - Missing Authorization for Vault Credential Access
Jul 27, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-36887 MEDIUM
Jenkins Job Configuration History Plugin < 1155.v28a_46a_cc06a_5 - Cross-Site Request Forgery
Jul 27, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-36886 MEDIUM
Jenkins External Monitor Job Type Plugin < 191.v363d0d1efdf8 - Cross-Site Request Forgery
Jul 27, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-36885 MEDIUM
Jenkins GitHub Plugin < 1.34.4 - Timing Attack via Webhook Signature Comparison
Jul 27, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-36884 MEDIUM
Jenkins Git Plugin < 4.11.3 - Unauthenticated Information Disclosure via Webhook Endpoint
Jul 27, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-36883 HIGH NUCLEI
Jenkins Git Plugin < 4.11.3 - Unauthenticated Build Trigger and Arbitrary Repository Checkout
Jul 27, 2022
CVSS 7.5
EPSS 0.06
CVE-2022-36882 HIGH
Jenkins Git Plugin < 4.11.3 - Cross-Site Request Forgery
Jul 27, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-36881 HIGH
Jenkins Git client Plugin <= 3.11.0 - SSH Host Key Verification Bypass
Jul 27, 2022
CVSS 8.1
EPSS 0.01