jenkins
1,798 tracked vulnerabilities.
CVE-2022-25196
MEDIUM
Jenkins GitLab Authentication Plugin < 1.13 - Open Redirect via HTTP Referer Header
Feb 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-25195
MEDIUM
Jenkins autonomiq < 1.15 - Missing Authorization for URL Connection
Feb 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-25194
HIGH
Jenkins autonomiq < 1.15 - Cross-Site Request Forgery
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25193
MEDIUM
Jenkins Snow Commander Plugin < 1.10 - Missing Authorization for Credential Capture
Feb 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-25192
HIGH
Jenkins Snow Commander Plugin < 1.10 - Cross-Site Request Forgery
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25191
MEDIUM
Jenkins Agent Server Parameter Plugin < 1.0 - Stored Cross-Site Scripting in Parameter Names
Feb 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-25190
MEDIUM
Jenkins Conjur Secrets Plugin < 1.0.11 - Missing Authorization for Credential ID Enumeration
Feb 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-25189
MEDIUM
Jenkins Custom Checkbox Parameter Plugin < 1.1 - Stored Cross-Site Scripting via Parameter Names
Feb 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-25188
MEDIUM
Jenkins Fortify Plugin < 20.2.34 - Path Traversal and Arbitrary File Write via Pipeline Step Parameters
Feb 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-25187
MEDIUM
Jenkins Support Core Plugin <2.79 - Info Disclosure
Feb 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-25186
MEDIUM
Jenkins HashiCorp Vault Plugin <3.8.0 - Privilege Escalation
Feb 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-25185
MEDIUM
Jenkins Generic Webhook Trigger Plugin <= 1.81 - Stored Cross-Site Scripting via Build Cause
Feb 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-25184
MEDIUM
Jenkins Pipeline: Build Step Plugin < 2.15 - Password Parameter Exposure via Pipeline Snippet Generator
Feb 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-25183
HIGH
Jenkins Pipeline: Shared Groovy Libraries Plugin <552.vd9cc05b8a2e1...
Feb 15, 2022
CVSS 8.8
EPSS 0.02
CVE-2022-25182
HIGH
Jenkins Pipeline: Shared Groovy Libraries Plugin <552.vd9cc05b8a2e1...
Feb 15, 2022
CVSS 8.8
EPSS 0.02
CVE-2022-25181
HIGH
Jenkins Pipeline: Shared Groovy Libraries Plugin <552.vd9cc05b8a2e1...
Feb 15, 2022
CVSS 8.8
EPSS 0.02
CVE-2022-25180
MEDIUM
Jenkins Pipeline < 2648.va9433432b33c - Cleartext Transmission of Sensitive Information via Replayed Builds
Feb 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-25179
MEDIUM
Jenkins Pipeline Multibranch Plugin < 706.vd43c65dec013 - Arbitrary File Read via readTrusted Step
Feb 15, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-25178
MEDIUM
Jenkins Pipeline < 552.vd9cc05b8a2e1 - Path Traversal via libraryResource Step
Feb 15, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-25177
MEDIUM
Jenkins Pipeline < 552.vd9cc05b8a2e1 - Arbitrary File Read via libraryResource Step
Feb 15, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-25176
MEDIUM
Jenkins Pipeline < 2648.va9433432b33c - Arbitrary File Read via Symbolic Link Following
Feb 15, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-25175
HIGH
Jenkins Pipeline Multibranch < 706.vd43c65dec013 - Authenticated OS Command Injection via readTrusted Step
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25174
HIGH
Jenkins Pipeline < 552.vd9cc05b8a2e1 - Authenticated OS Command Injection via SCM Checkout Directory
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25173
HIGH
Jenkins Pipeline: Groovy Plugin < 2648.va9433432b33c - OS Command Injection via SCM Content
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-0538
HIGH
Jenkins < 2.334 and LTS < 2.319.3 - Deserialization of Untrusted Data
Feb 09, 2022
CVSS 7.5
EPSS 0.04
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters