jenkins
1,798 tracked vulnerabilities.
CVE-2022-23118
HIGH
Jenkins Debian Package Builder Plugin < 1.6.11 - OS Command Execution via Agent-Controlled Git Path
Jan 12, 2022
CVSS 8.8
EPSS 0.02
CVE-2022-23117
HIGH
Jenkins Conjur Secrets Plugin < 1.0.9 - Credential Exposure via Agent Process Control
Jan 12, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-23116
HIGH
Jenkins Conjur Secrets Plugin < 1.0.9 - Sensitive Data Exposure via Agent Process Decryption
Jan 12, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-23115
MEDIUM
Jenkins batch task < 1.19 - Cross-Site Request Forgery
Jan 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-23114
LOW
Jenkins Publish Over SSH Plugin <= 1.22 - Insufficiently Protected Credentials
Jan 12, 2022
CVSS 3.3
EPSS 0.00
CVE-2022-23113
MEDIUM
Jenkins Publish Over SSH Plugin <= 1.22 - Path Traversal via File Name Validation
Jan 12, 2022
CVSS 4.3
EPSS 0.02
CVE-2022-23112
MEDIUM
Jenkins Publish Over SSH Plugin < 1.22 - Missing Authorization for SSH Server Connection
Jan 12, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-23111
MEDIUM
Jenkins Publish Over SSH Plugin < 1.22 - Cross-Site Request Forgery
Jan 12, 2022
CVSS 4.3
EPSS 0.27
CVE-2022-23110
MEDIUM
Jenkins Publish Over SSH Plugin <= 1.22 - Stored Cross-Site Scripting via SSH Server Name
Jan 12, 2022
CVSS 4.8
EPSS 0.01
CVE-2022-23109
MEDIUM
Jenkins HashiCorp Vault Plugin <= 3.7.0 - Credential Exposure in Pipeline Build Logs
Jan 12, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-23108
MEDIUM
Jenkins Badge Plugin < 1.9 - Stored Cross-Site Scripting via Badge Description
Jan 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-23107
HIGH
Jenkins Warnings Next Generation Plugin <= 9.10.2 - Path Traversal via Custom ID Configuration
Jan 12, 2022
CVSS 8.1
EPSS 0.02
CVE-2022-23106
MEDIUM
Jenkins Configuration as Code Plugin < 1.55 - Authentication Token Timing Attack
Jan 12, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-23105
MEDIUM
Jenkins Active Directory Plugin < 2.25 - Cleartext Transmission of Sensitive Information
Jan 12, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-20621
MEDIUM
Jenkins Metrics Plugin <4.0.2.8 - Info Disclosure
Jan 12, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-20620
MEDIUM
Jenkins SSH Agent Plugin <1.23 - Info Disclosure
Jan 12, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-20619
HIGH
Jenkins Bitbucket Branch Source Plugin <737.vdf9dc06105be - CSRF
Jan 12, 2022
CVSS 7.1
EPSS 0.01
CVE-2022-20618
MEDIUM
Jenkins Bitbucket Branch Source Plugin < 737.vdf9dc06105be - Missing Authorization for Credential ID Enumeration
Jan 12, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-20617
HIGH
Jenkins Docker Commons Plugin <1.17 - Command Injection
Jan 12, 2022
CVSS 8.8
EPSS 0.02
CVE-2022-20616
MEDIUM
Jenkins Credentials Binding Plugin <1.27 - Privilege Escalation
Jan 12, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-20615
MEDIUM
Jenkins Matrix Project Plugin <1.19 - XSS
Jan 12, 2022
CVSS 5.4
EPSS 0.82
CVE-2022-20614
MEDIUM
Jenkins Mailer Plugin <391.ve4a_38c1f - Info Disclosure
Jan 12, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-20613
MEDIUM
Jenkins Mailer Plugin <391.ve4a_38c1b_cf4b - CSRF
Jan 12, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-20612
MEDIUM
Jenkins < 2.319.1 and 2.320-2.329 - Cross-Site Request Forgery
Jan 12, 2022
CVSS 4.3
EPSS 0.02
CVE-2021-43859
HIGH
XStream <1.4.19 - DoS
Feb 01, 2022
CVSS 7.5
EPSS 0.08
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters