jenkins

1,755 tracked vulnerabilities.

CVE-2022-20617 HIGH
Jenkins Docker Commons Plugin <1.17 - Command Injection
Jan 12, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-20616 MEDIUM
Jenkins Credentials Binding Plugin <1.27 - Privilege Escalation
Jan 12, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-20615 MEDIUM
Jenkins Matrix Project Plugin <1.19 - XSS
Jan 12, 2022
CVSS 5.4
EPSS 0.03
CVE-2022-20614 MEDIUM
Jenkins Mailer Plugin <391.ve4a_38c1f - Info Disclosure
Jan 12, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-20613 MEDIUM
Jenkins Mailer Plugin <391.ve4a_38c1b_cf4b - CSRF
Jan 12, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-20612 MEDIUM
Jenkins < 2.319.1 and 2.320-2.329 - Cross-Site Request Forgery
Jan 12, 2022
CVSS 4.3
EPSS 0.00
CVE-2021-43859 HIGH
XStream <1.4.19 - DoS
Feb 01, 2022
CVSS 7.5
EPSS 0.02
CVE-2021-43578 HIGH
Jenkins Squash TM Publisher <1.0.0 - Code Injection
Nov 12, 2021
CVSS 8.1
EPSS 0.00
CVE-2021-43577 HIGH
Jenkins OWASP Dependency-Check Plugin <5.1.1 - XXE
Nov 12, 2021
CVSS 7.1
EPSS 0.00
CVE-2021-43576 MEDIUM
Jenkins pom2config Plugin <1.2 - XXE
Nov 12, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-21701 MEDIUM
Jenkins Performance Plugin < 3.20 - XML External Entity Injection
Nov 12, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-21700 MEDIUM
Jenkins Scriptler Plugin < 3.3 - Stored Cross-Site Scripting in Script Deletion Confirmation
Nov 12, 2021
CVSS 5.4
EPSS 0.00
CVE-2021-21699 MEDIUM
Jenkins Active Choices Plugin < 2.5.6 - Stored Cross-Site Scripting via Reactive Parameter Name
Nov 12, 2021
CVSS 5.4
EPSS 0.00
CVE-2021-21698 HIGH
Jenkins Subversion Plugin < 2.15.0 - Path Traversal via Subversion Key File Lookup
Nov 04, 2021
CVSS 7.5
EPSS 0.04
CVE-2021-21697 CRITICAL
Jenkins <2.318-<2.303.2 - Info Disclosure
Nov 04, 2021
CVSS 9.1
EPSS 0.01
CVE-2021-21696 CRITICAL
Jenkins < 2.303.2, < 2.318 - Unauthenticated Arbitrary File Write via FilePath API
Nov 04, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-21695 HIGH
Jenkins < 2.303.3 and < 2.319 - Improper Link Resolution Before File Access
Nov 04, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21694 CRITICAL
Jenkins < 2.303.3 and < 2.319 - Missing Authorization in FilePath Methods
Nov 04, 2021
CVSS 9.8
EPSS 0.00
CVE-2021-21693 CRITICAL
Jenkins < 2.303.3 and < 2.319 - Incorrect Authorization in Temporary File Creation
Nov 04, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-21692 CRITICAL
Jenkins < 2.303.3 and < 2.319 - Path Traversal via FilePath#renameTo and FilePath#moveAllChildrenTo
Nov 04, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-21691 CRITICAL
Jenkins < 2.303.3 and < 2.319 - Symbolic Link Creation Without Required Permission
Nov 04, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-21690 CRITICAL
Jenkins < 2.303.3 and < 2.319 - Path Traversal via Agent File Path Wrapping
Nov 04, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-21689 CRITICAL
Jenkins <2.318-2.303.2 - Info Disclosure
Nov 04, 2021
CVSS 9.1
EPSS 0.01
CVE-2021-21688 HIGH
Jenkins < 2.303.3 and < 2.319 - Missing Authorization in FilePath Reading
Nov 04, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-21687 CRITICAL
Jenkins < 2.303.3 and < 2.319 - Missing Authorization for Symbolic Link Creation in FilePath#untar
Nov 04, 2021
CVSS 9.1
EPSS 0.00
Products
jenkins 259 pipeline\ 37 script_security 33 blue_ocean 11 git 11 email_extension 10 active_directory 9 build_failure_analyzer 9 config_file_provider 9 configuration_as_code 9 ns-nd_integration_performance_publisher 8 credentials_binding 7 github_branch_source 7 html_publisher 7 kubernetes 7 openid_connect_authentication 7 openshift_deployer 7 rundeck 7 subversion 7 amazon_ec2 6 azure_ad 6 azure_vm_agents 6 deployment_dashboard 6 electricflow 6 gerrit_trigger 6 github 6 github_pull_request_builder 6 gitlab 6 google_compute_engine 6 hashicorp_vault 6
Quick Filters
Critical CVEs With Exploits In CISA KEV