jenkins

1,798 tracked vulnerabilities.

CVE-2022-2048 HIGH
Eclipse Jetty < 9.4.47 - Denial of Service via HTTP/2 Request Error Handling
Jul 07, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-34818 MEDIUM
Jenkins Failed Job Deactivator Plugin <= 1.2.1 - Missing Authorization in Views and HTTP Endpoints
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34817 MEDIUM
Jenkins Failed Job Deactivator Plugin < 1.2.1 - Cross-Site Request Forgery
Jun 30, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-34816 MEDIUM
Jenkins HPE Network Virtualization Plugin 1.0 - Insufficiently Protected Credentials
Jun 30, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-34815 MEDIUM
Jenkins Request Rename Or Delete Plugin < 1.1.0 - Cross-Site Request Forgery
Jun 30, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-34814 MEDIUM
Jenkins Request Rename Or Delete Plugin < 1.1.0 - Unauthorized Access to Administrative Configuration Page
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34813 MEDIUM
Jenkins XPath Configuration Viewer Plugin < 1.1.1 - Missing Authorization for XPath Expression Management
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34812 MEDIUM
Jenkins XPath Configuration Viewer Plugin < 1.1.1 - Cross-Site Request Forgery
Jun 30, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-34811 MEDIUM
Jenkins XPath Configuration Viewer Plugin < 1.1.1 - Missing Authorization
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34810 MEDIUM
Jenkins RQM Plugin < 2.8 - Credential ID Enumeration via Overall/Read Permission
Jun 30, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-34809 MEDIUM
Jenkins RQM Plugin < 2.8 - Insufficiently Protected Credentials
Jun 30, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-34808 MEDIUM
Jenkins Cisco Spark Plugin < 1.1.1 - Insufficiently Protected Credentials
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34807 MEDIUM
Jenkins Elasticsearch Query Plugin <= 1.2 - Insufficiently Protected Credentials
Jun 30, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-34806 MEDIUM
Jenkins Jigomerge < 0.9 - Insufficiently Protected Credentials in Job Config Files
Jun 30, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-34805 MEDIUM
Jenkins Skype notifier Plugin < 1.1.0 - Insufficiently Protected Credentials
Jun 30, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-34804 MEDIUM
Jenkins OpsGenie Plugin < 1.9 - Cleartext Transmission of Sensitive Information via Configuration Forms
Jun 30, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-34803 MEDIUM
Jenkins OpsGenie Plugin < 1.9 - Insufficiently Protected Credentials
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34802 MEDIUM
Jenkins RocketChat Notifier Plugin <= 1.5.2 - Insufficiently Protected Credentials
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34801 MEDIUM
Jenkins Build Notifications Plugin < 1.5.0 - Cleartext Transmission of Sensitive Tokens
Jun 30, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-34800 MEDIUM
Jenkins Build Notifications Plugin <= 1.5.0 - Insufficiently Protected Credentials
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34799 MEDIUM
Jenkins Deployment Dashboard Plugin <= 1.0.10 - Insufficiently Protected Credentials
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34798 MEDIUM
Jenkins Deployment Dashboard < 1.0.10 - Missing Authorization in HTTP Endpoints
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34797 MEDIUM
Jenkins Deployment Dashboard Plugin < 1.0.10 - Cross-Site Request Forgery
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34796 MEDIUM
Jenkins Deployment Dashboard < 1.0.10 - Credential ID Enumeration via Missing Authorization
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34795 MEDIUM
Jenkins Deployment Dashboard Plugin <= 1.0.10 - Stored Cross-Site Scripting in Environment Names
Jun 30, 2022
CVSS 5.4
EPSS 0.01