jenkins

1,798 tracked vulnerabilities.

CVE-2022-34794 MEDIUM
Jenkins Recipe Plugin < 1.2 - Server-Side Request Forgery via XML Response Parsing
Jun 30, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-34793 HIGH
Jenkins Recipe Plugin < 1.2 - XML External Entity Injection
Jun 30, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-34792 HIGH
Jenkins Recipe Plugin < 1.2 - Cross-Site Request Forgery
Jun 30, 2022
CVSS 8.0
EPSS 0.00
CVE-2022-34791 MEDIUM
Jenkins Validating Email Parameter Plugin < 1.10 - Stored Cross-Site Scripting in Parameter Name and Description
Jun 30, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-34790 MEDIUM
Jenkins eXtreme Feedback Panel Plugin < 2.0.1 - Stored Cross-Site Scripting in Job Name Tooltips
Jun 30, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-34789 MEDIUM
Jenkins Matrix Reloaded Plugin < 1.1.3 - Cross-Site Request Forgery
Jun 30, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-34788 MEDIUM
Jenkins Matrix Reloaded Plugin <= 1.1.3 - Stored Cross-Site Scripting in Agent Name Tooltip
Jun 30, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-34787 MEDIUM
Jenkins Project Inheritance Plugin < 21.04.03 - Cross-Site Scripting in Build Blocked Reason Tooltip
Jun 30, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-34786 MEDIUM
Jenkins Rich Text Publisher Plugin < 1.4 - Stored Cross-Site Scripting in HTML Message
Jun 30, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-34785 MEDIUM
Jenkins build-metrics < 1.3 - Incorrect Authorization in HTTP Endpoints
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34784 MEDIUM
Jenkins build-metrics 1.3 - Stored Cross-Site Scripting in Build Description View
Jun 30, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-34783 MEDIUM
Jenkins Plot Plugin < 2.1.10 - Stored Cross-Site Scripting in Plot Descriptions
Jun 30, 2022
CVSS 5.4
EPSS 0.80
CVE-2022-34782 MEDIUM
Jenkins requests-plugin < 2.2.16 - Incorrect Authorization
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34781 MEDIUM
Jenkins XebiaLabs XL Release Plugin < 22.0.0 - Missing Authorization
Jun 30, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-34780 MEDIUM
Jenkins XebiaLabs XL Release Plugin < 22.0.0 - Cross-Site Request Forgery
Jun 30, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-34779 MEDIUM
Jenkins XebiaLabs XL Release Plugin < 22.0.1 - Missing Authorization for Credential ID Enumeration
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34778 MEDIUM
Jenkins TestNG Results Plugin < 554.va4a552116332 - Cross-Site Scripting via Unescaped Test Descriptions
Jun 30, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-34777 MEDIUM
Jenkins GitLab Plugin < 1.5.34 - Stored Cross-Site Scripting in Webhook Build Description
Jun 30, 2022
CVSS 5.4
EPSS 0.72
CVE-2022-34213 MEDIUM
Jenkins Squash TM Publisher <1.0.0 - Info Disclosure
Jun 23, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-34212 MEDIUM
Jenkins vRealize Orchestrator Plugin <3.0 - Privilege Escalation
Jun 23, 2022
CVSS 5.7
EPSS 0.01
CVE-2022-34211 MEDIUM
Jenkins vRealize Orchestrator Plugin <3.0 - CSRF
Jun 23, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-34210 MEDIUM
Jenkins ThreadFix Plugin <1.5.4 - SSRF
Jun 23, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-34209 MEDIUM
Jenkins ThreadFix Plugin <1.5.4 - CSRF
Jun 23, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-34208 MEDIUM
Jenkins Beaker builder Plugin <1.10 - SSRF
Jun 23, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34207 MEDIUM
Jenkins Beaker builder Plugin <1.10 - CSRF
Jun 23, 2022
CVSS 6.5
EPSS 0.00