jenkins

1,798 tracked vulnerabilities.

CVE-2022-27203 MEDIUM
Jenkins Extended Choice Parameter Plugin < 346.vd87693c5a_86c - Path Traversal and Arbitrary File Read
Mar 15, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-27202 MEDIUM
Jenkins Extended Choice Parameter Plugin < 346.vd87693c5a_86c - Stored XSS
Mar 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-27201 MEDIUM
Jenkins Semantic Versioning Plugin < 1.13 - XML External Entity Injection via Crafted File Parsing
Mar 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27200 MEDIUM
Jenkins Folder-based Authorization Strategy Plugin < 1.3 - Stored Cross-Site Scripting in Role Name Display
Mar 15, 2022
CVSS 4.8
EPSS 0.01
CVE-2022-27199 MEDIUM
Jenkins CloudBees AWS Credentials Plugin < 191.vcb_f183ce58b_9 - Missing Authorization
Mar 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-27198 HIGH
Jenkins CloudBees AWS Credentials Plugin < 189.v3551d5642995 - Cross-Site Request Forgery
Mar 15, 2022
CVSS 8.0
EPSS 0.01
CVE-2022-27197 MEDIUM
Jenkins Dashboard View Plugin < 2.18.1 - Stored Cross-Site Scripting via Iframe Portlet URL
Mar 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-27196 MEDIUM
Jenkins Favorite Plugin < 2.4.1 - Stored Cross-Site Scripting in Job Names
Mar 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-27195 MEDIUM
Jenkins Parameterized Trigger Plugin <2.43 - Info Disclosure
Mar 15, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-25212 HIGH
Jenkins SWAMP < 1.2.6 - Cross-Site Request Forgery
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25211 HIGH
Jenkins SWAMP Plugin < 1.2.6 - Missing Authorization for Web Server Connection
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25210 MEDIUM
Jenkins Convertigo Mobile Platform Plugin <1.1 - Info Disclosure
Feb 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-25209 HIGH
Jenkins Chef Sinatra Plugin < 1.20 - XML External Entity Injection
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25208 HIGH
Jenkins Chef Sinatra Plugin < 1.20 - Server-Side Request Forgery via XML Response Parsing
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25207 HIGH
Jenkins Chef Sinatra Plugin < 1.20 - Cross-Site Request Forgery via XML Response Parsing
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25206 HIGH
Jenkins dbCharts < 0.5.2 - Missing Authorization for JDBC Database Connection
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25205 HIGH
Jenkins dbCharts Plugin <= 0.5.2 - Cross-Site Request Forgery via JDBC Connection
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25204 MEDIUM
Jenkins Doktor Plugin <0.4.1 - Info Disclosure
Feb 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-25203 MEDIUM
Jenkins Team Views Plugin <= 0.9.0 - Stored Cross-Site Scripting via Team Name
Feb 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-25202 MEDIUM
Jenkins Promoted Builds (Simple) Plugin < 1.9 - Stored Cross-Site Scripting in Custom Promotion Level Name
Feb 15, 2022
CVSS 4.8
EPSS 0.01
CVE-2022-25201 MEDIUM
Jenkins Checkmarx Plugin < 2022.1.2 - Missing Authorization
Feb 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-25200 HIGH
Jenkins Checkmarx Plugin < 2022.1.2 - Cross-Site Request Forgery
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25199 HIGH
Jenkins SCP publisher < 1.8 - Missing Authorization for SSH Server Connection
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25198 HIGH
Jenkins SCP publisher Plugin < 1.8 - Cross-Site Request Forgery
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25197 MEDIUM
Jenkins HashiCorp Vault Plugin <336.v182c0fbaaeb7 - Info Disclosure
Feb 15, 2022
CVSS 6.5
EPSS 0.01