jenkins
1,798 tracked vulnerabilities.
CVE-2022-2048
HIGH
Eclipse Jetty < 9.4.47 - Denial of Service via HTTP/2 Request Error Handling
Jul 07, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-34818
MEDIUM
Jenkins Failed Job Deactivator Plugin <= 1.2.1 - Missing Authorization in Views and HTTP Endpoints
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34817
MEDIUM
Jenkins Failed Job Deactivator Plugin < 1.2.1 - Cross-Site Request Forgery
Jun 30, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-34816
MEDIUM
Jenkins HPE Network Virtualization Plugin 1.0 - Insufficiently Protected Credentials
Jun 30, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-34815
MEDIUM
Jenkins Request Rename Or Delete Plugin < 1.1.0 - Cross-Site Request Forgery
Jun 30, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-34814
MEDIUM
Jenkins Request Rename Or Delete Plugin < 1.1.0 - Unauthorized Access to Administrative Configuration Page
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34813
MEDIUM
Jenkins XPath Configuration Viewer Plugin < 1.1.1 - Missing Authorization for XPath Expression Management
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34812
MEDIUM
Jenkins XPath Configuration Viewer Plugin < 1.1.1 - Cross-Site Request Forgery
Jun 30, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-34811
MEDIUM
Jenkins XPath Configuration Viewer Plugin < 1.1.1 - Missing Authorization
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34810
MEDIUM
Jenkins RQM Plugin < 2.8 - Credential ID Enumeration via Overall/Read Permission
Jun 30, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-34809
MEDIUM
Jenkins RQM Plugin < 2.8 - Insufficiently Protected Credentials
Jun 30, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-34808
MEDIUM
Jenkins Cisco Spark Plugin < 1.1.1 - Insufficiently Protected Credentials
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34807
MEDIUM
Jenkins Elasticsearch Query Plugin <= 1.2 - Insufficiently Protected Credentials
Jun 30, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-34806
MEDIUM
Jenkins Jigomerge < 0.9 - Insufficiently Protected Credentials in Job Config Files
Jun 30, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-34805
MEDIUM
Jenkins Skype notifier Plugin < 1.1.0 - Insufficiently Protected Credentials
Jun 30, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-34804
MEDIUM
Jenkins OpsGenie Plugin < 1.9 - Cleartext Transmission of Sensitive Information via Configuration Forms
Jun 30, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-34803
MEDIUM
Jenkins OpsGenie Plugin < 1.9 - Insufficiently Protected Credentials
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34802
MEDIUM
Jenkins RocketChat Notifier Plugin <= 1.5.2 - Insufficiently Protected Credentials
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34801
MEDIUM
Jenkins Build Notifications Plugin < 1.5.0 - Cleartext Transmission of Sensitive Tokens
Jun 30, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-34800
MEDIUM
Jenkins Build Notifications Plugin <= 1.5.0 - Insufficiently Protected Credentials
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34799
MEDIUM
Jenkins Deployment Dashboard Plugin <= 1.0.10 - Insufficiently Protected Credentials
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34798
MEDIUM
Jenkins Deployment Dashboard < 1.0.10 - Missing Authorization in HTTP Endpoints
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34797
MEDIUM
Jenkins Deployment Dashboard Plugin < 1.0.10 - Cross-Site Request Forgery
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34796
MEDIUM
Jenkins Deployment Dashboard < 1.0.10 - Credential ID Enumeration via Missing Authorization
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34795
MEDIUM
Jenkins Deployment Dashboard Plugin <= 1.0.10 - Stored Cross-Site Scripting in Environment Names
Jun 30, 2022
CVSS 5.4
EPSS 0.01
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters