jenkins

1,798 tracked vulnerabilities.

CVE-2022-28142 HIGH
Jenkins Proxmox Plugin < 0.6.0 - SSL/TLS Certificate Validation Disabled
Mar 29, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-28141 MEDIUM
Jenkins Proxmox Plugin < 0.5.0 - Insufficiently Protected Credentials
Mar 29, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-28140 HIGH
Jenkins Flaky Test Handler Plugin < 1.2.1 - XML External Entity Injection
Mar 29, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-28139 MEDIUM
Jenkins RocketChat Notifier Plugin < 1.4.0 - Missing Authorization
Mar 29, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-28138 MEDIUM
Jenkins RocketChat Notifier Plugin < 1.4.10 - Cross-Site Request Forgery
Mar 29, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-28137 MEDIUM
Jenkins JiraTestResultReporter < 165.v817928553942 - Missing Authorization for URL Connection
Mar 29, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-28136 HIGH
Jenkins JiraTestResultReporter < 165.v817928553942 - Cross-Site Request Forgery
Mar 29, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-28135 MEDIUM
Jenkins instant-messaging Plugin < 1.42 - Insufficiently Protected Credentials
Mar 29, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-28134 MEDIUM
Jenkins Bitbucket Server Integration Plugin < 3.1.0 - Missing Authorization in HTTP Endpoints
Mar 29, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-28133 MEDIUM
Jenkins Bitbucket Server Integration Plugin < 3.1.0 - Stored Cross-Site Scripting via OAuth Callback URL
Mar 29, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-27218 MEDIUM
Jenkins incapptic connect uploader < 1.15 - Insufficiently Protected Credentials in job config.xml
Mar 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-27217 MEDIUM
Jenkins Vmware vRealize CodeStream < 1.2 - Insufficiently Protected Credentials in Job Config Files
Mar 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27216 MEDIUM
Jenkins dbCharts Plugin <= 0.5.2 - Insufficiently Protected Credentials
Mar 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27215 MEDIUM
Jenkins Release Helper Plugin < 1.3.3 - Server-Side Request Forgery via Missing Permission Check
Mar 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-27214 MEDIUM
Jenkins Release Helper Plugin < 1.3.3 - Cross-Site Request Forgery
Mar 15, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-27213 MEDIUM
Jenkins Environment Dashboard Plugin <= 1.1.10 - Stored Cross-Site Scripting in Environment Order Configuration
Mar 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-27212 MEDIUM
Jenkins List Git Branches Parameter Plugin <= 0.0.9 - Stored Cross-Site Scripting in Parameter Name
Mar 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-27211 MEDIUM
Jenkins Kubernetes Continuous Deploy Plugin < 2.3.1 - Missing Authorization for SSH Credential Capture
Mar 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27210 MEDIUM
Jenkins Kubernetes Continuous Deploy Plugin < 2.3.1 - Cross-Site Request Forgery
Mar 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27209 MEDIUM
Jenkins Kubernetes Continuous Deploy Plugin < 2.3.1 - Missing Authorization for Credential ID Enumeration
Mar 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27208 MEDIUM
Jenkins Kubernetes Continuous Deploy Plugin <= 2.3.1 - Arbitrary File Read via Credentials/Create Permission
Mar 15, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-27207 MEDIUM
Jenkins global-build-stats < 1.5 - Stored Cross-Site Scripting in Chart Configuration
Mar 15, 2022
CVSS 4.8
EPSS 0.01
CVE-2022-27206 MEDIUM
Jenkins GitLab Authentication Plugin <= 1.13 - Insufficiently Protected Credentials
Mar 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27205 MEDIUM
Jenkins Extended Choice Parameter Plugin < 346.vd87693c5a_86c - Server-Side Request Forgery via URL Connection
Mar 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-27204 HIGH
Jenkins Extended Choice Parameter < 346.vd87693c5a_86c - Cross-Site Request Forgery
Mar 15, 2022
CVSS 8.8
EPSS 0.01