jenkins
1,798 tracked vulnerabilities.
CVE-2022-27203
MEDIUM
Jenkins Extended Choice Parameter Plugin < 346.vd87693c5a_86c - Path Traversal and Arbitrary File Read
Mar 15, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-27202
MEDIUM
Jenkins Extended Choice Parameter Plugin < 346.vd87693c5a_86c - Stored XSS
Mar 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-27201
MEDIUM
Jenkins Semantic Versioning Plugin < 1.13 - XML External Entity Injection via Crafted File Parsing
Mar 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27200
MEDIUM
Jenkins Folder-based Authorization Strategy Plugin < 1.3 - Stored Cross-Site Scripting in Role Name Display
Mar 15, 2022
CVSS 4.8
EPSS 0.01
CVE-2022-27199
MEDIUM
Jenkins CloudBees AWS Credentials Plugin < 191.vcb_f183ce58b_9 - Missing Authorization
Mar 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-27198
HIGH
Jenkins CloudBees AWS Credentials Plugin < 189.v3551d5642995 - Cross-Site Request Forgery
Mar 15, 2022
CVSS 8.0
EPSS 0.01
CVE-2022-27197
MEDIUM
Jenkins Dashboard View Plugin < 2.18.1 - Stored Cross-Site Scripting via Iframe Portlet URL
Mar 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-27196
MEDIUM
Jenkins Favorite Plugin < 2.4.1 - Stored Cross-Site Scripting in Job Names
Mar 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-27195
MEDIUM
Jenkins Parameterized Trigger Plugin <2.43 - Info Disclosure
Mar 15, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-25212
HIGH
Jenkins SWAMP < 1.2.6 - Cross-Site Request Forgery
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25211
HIGH
Jenkins SWAMP Plugin < 1.2.6 - Missing Authorization for Web Server Connection
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25210
MEDIUM
Jenkins Convertigo Mobile Platform Plugin <1.1 - Info Disclosure
Feb 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-25209
HIGH
Jenkins Chef Sinatra Plugin < 1.20 - XML External Entity Injection
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25208
HIGH
Jenkins Chef Sinatra Plugin < 1.20 - Server-Side Request Forgery via XML Response Parsing
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25207
HIGH
Jenkins Chef Sinatra Plugin < 1.20 - Cross-Site Request Forgery via XML Response Parsing
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25206
HIGH
Jenkins dbCharts < 0.5.2 - Missing Authorization for JDBC Database Connection
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25205
HIGH
Jenkins dbCharts Plugin <= 0.5.2 - Cross-Site Request Forgery via JDBC Connection
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25204
MEDIUM
Jenkins Doktor Plugin <0.4.1 - Info Disclosure
Feb 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-25203
MEDIUM
Jenkins Team Views Plugin <= 0.9.0 - Stored Cross-Site Scripting via Team Name
Feb 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-25202
MEDIUM
Jenkins Promoted Builds (Simple) Plugin < 1.9 - Stored Cross-Site Scripting in Custom Promotion Level Name
Feb 15, 2022
CVSS 4.8
EPSS 0.01
CVE-2022-25201
MEDIUM
Jenkins Checkmarx Plugin < 2022.1.2 - Missing Authorization
Feb 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-25200
HIGH
Jenkins Checkmarx Plugin < 2022.1.2 - Cross-Site Request Forgery
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25199
HIGH
Jenkins SCP publisher < 1.8 - Missing Authorization for SSH Server Connection
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25198
HIGH
Jenkins SCP publisher Plugin < 1.8 - Cross-Site Request Forgery
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25197
MEDIUM
Jenkins HashiCorp Vault Plugin <336.v182c0fbaaeb7 - Info Disclosure
Feb 15, 2022
CVSS 6.5
EPSS 0.01
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters