jenkins

1,798 tracked vulnerabilities.

CVE-2022-29042 MEDIUM
Jenkins Job Generator Plugin <1.22 - XSS
Apr 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-29041 MEDIUM
Jenkins Jira Plugin <=3.7 (excluding 3.6.1) - Stored Cross-Site Scripting in Jira Issue and Release Version Parameters
Apr 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-29040 MEDIUM
Jenkins Git Parameter Plugin <0.9.15 - XSS
Apr 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-29039 MEDIUM
Jenkins Gerrit Trigger Plugin <2.35.2 - XSS
Apr 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-29038 MEDIUM
Jenkins Extended Choice Parameter Plugin <346.vd87693c5a_86c - XSS
Apr 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-29037 MEDIUM
Jenkins CVS Plugin < 2.19 - Stored Cross-Site Scripting in Symbolic Name Parameters
Apr 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-29036 MEDIUM
Jenkins Credentials Plugin <1111.v35a_307992395 - XSS
Apr 12, 2022
CVSS 5.4
EPSS 0.79
CVE-2022-28160 MEDIUM
Jenkins Tests Selector Plugin < 1.3.3 - Arbitrary File Read via Item/Configure Permission
Mar 29, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-28159 MEDIUM
Jenkins Tests Selector Plugin < 1.3.3 - Stored Cross-Site Scripting via Properties File Path Option
Mar 29, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-28158 MEDIUM
Jenkins Pipeline: Phoenix AutoTest Plugin < 1.3 - Missing Authorization for Credential ID Enumeration
Mar 29, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-28157 MEDIUM
Jenkins Pipeline: Phoenix AutoTest Plugin < 1.3 - Arbitrary File Upload via FTP
Mar 29, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-28156 MEDIUM
Jenkins Pipeline: Phoenix AutoTest Plugin < 1.3 - Path Traversal via Agent Workspace Copy
Mar 29, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-28155 HIGH
Jenkins Pipeline: Phoenix AutoTest Plugin < 1.3 - XML External Entity Injection
Mar 29, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-28154 HIGH
Jenkins Coverage/Complexity Scatter Plot Plugin < 1.1.1 - XML External Entity Injection
Mar 29, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-28153 MEDIUM
Jenkins SiteMonitor Plugin <= 0.6 - Stored Cross-Site Scripting in Site URL Tooltips
Mar 29, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-28152 MEDIUM
Jenkins Job and Node Ownership Plugin < 0.13.0 - Cross-Site Request Forgery
Mar 29, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-28151 MEDIUM
Jenkins Job and Node Ownership Plugin < 0.13.0 - Missing Authorization
Mar 29, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-28150 HIGH
Jenkins Job and Node Ownership Plugin < 0.13.0 - Cross-Site Request Forgery
Mar 29, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-28149 MEDIUM
Jenkins Job and Node Ownership Plugin < 0.13.0 - Stored Cross-Site Scripting in Secondary Owner Names
Mar 29, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-28148 MEDIUM
Jenkins Continuous Integration with Toad Edge Plugin < 2.3 - Path Traversal via File Browser
Mar 29, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-28147 MEDIUM
Jenkins Continuous Integration with Toad Edge Plugin < 2.3 - Missing Authorization for File Path Existence Check
Mar 29, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-28146 MEDIUM
Jenkins Continuous Integration with Toad Edge Plugin < 2.3 - Arbitrary File Read via Input Folder Parameter
Mar 29, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-28145 MEDIUM
Jenkins Continuous Integration with Toad Edge Plugin < 2.3 - Stored Cross-Site Scripting via Report Files
Mar 29, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-28144 MEDIUM
Jenkins Proxmox Plugin < 0.7.0 - Missing Authorization in HTTP Endpoints
Mar 29, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-28143 MEDIUM
Jenkins Proxmox Plugin < 0.7.0 - Cross-Site Request Forgery
Mar 29, 2022
CVSS 6.5
EPSS 0.01