jenkins
1,798 tracked vulnerabilities.
CVE-2021-21679
HIGH
Jenkins Azure AD Plugin < 179.vf6841393099e - Cross-Site Request Forgery Protection Bypass
Aug 31, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21678
HIGH
Jenkins SAML Plugin < 2.0.7 - Cross-Site Request Forgery Protection Bypass
Aug 31, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21677
HIGH
Jenkins Code Coverage API Plugin < 1.4.0 - Remote Code Execution via Untrusted Java Deserialization
Aug 31, 2021
CVSS 8.8
EPSS 0.02
CVE-2021-21676
MEDIUM
Jenkins requests-plugin < 2.2.7 - Missing Authorization in HTTP Endpoint
Jun 30, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-21675
MEDIUM
Jenkins requests-plugin < 2.2.12 - Cross-Site Request Forgery
Jun 30, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-21674
MEDIUM
Jenkins requests-plugin <2.2.6 - Info Disclosure
Jun 30, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-21673
MEDIUM
Jenkins CAS Plugin < 1.6.0 - Open Redirect via Legitimacy Bypass
Jun 30, 2021
CVSS 6.1
EPSS 0.02
CVE-2021-21672
MEDIUM
Jenkins Selenium HTML Report Plugin <= 1.0 - XML External Entity Injection
Jun 30, 2021
CVSS 4.3
EPSS 0.43
CVE-2021-21671
HIGH
Jenkins < 2.300, LTS < 2.289.2 - Session Fixation
Jun 30, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-21670
MEDIUM
Jenkins <2.299 - Privilege Escalation
Jun 30, 2021
CVSS 4.3
EPSS 0.02
CVE-2021-21669
CRITICAL
Jenkins Generic Webhook Trigger Plugin < 1.72 - XML External Entity Injection
Jun 18, 2021
CVSS 9.8
EPSS 0.26
CVE-2021-21668
MEDIUM
Jenkins Scriptler Plugin < 3.1 - Stored Cross-Site Scripting via Unescaped Script Content
Jun 16, 2021
CVSS 5.4
EPSS 0.76
CVE-2021-21667
MEDIUM
Jenkins Scriptler Plugin < 3.2 - Stored Cross-Site Scripting in Job Configuration Forms
Jun 16, 2021
CVSS 5.4
EPSS 0.76
CVE-2021-21666
MEDIUM
Jenkins Kiuwan Plugin < 1.6.0 - Reflected Cross-Site Scripting via Form Validation Endpoint
Jun 10, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-21665
HIGH
Jenkins XebiaLabs XL Deploy Plugin < 10.0.1 - Cross-Site Request Forgery
Jun 10, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21664
MEDIUM
Jenkins XebiaLabs XL Deploy Plugin < 10.0.1 - Incorrect Authorization via URL Connection
Jun 10, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-21663
MEDIUM
Jenkins XebiaLabs XL Deploy Plugin <7.5.8 - Open Redirect
Jun 10, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-21662
MEDIUM
Jenkins XebiaLabs XL Deploy Plugin <10.0.1 - Info Disclosure
Jun 10, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-21661
MEDIUM
Jenkins Kubernetes CLI Plugin <1.10.0 - Info Disclosure
Jun 10, 2021
CVSS 4.3
EPSS 0.02
CVE-2021-21660
MEDIUM
Jenkins Markdown Formatter Plugin < 0.1.0 - Stored Cross-Site Scripting via Crafted Link Target URLs
May 25, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-21659
HIGH
Jenkins URLTrigger Plugin < 0.48 - XML External Entity Injection
May 25, 2021
CVSS 8.1
EPSS 0.67
CVE-2021-21658
CRITICAL
Jenkins Nuget Plugin < 1.0 - XML External Entity Injection
May 25, 2021
CVSS 9.1
EPSS 0.02
CVE-2021-21657
HIGH
Jenkins Filesystem Trigger Plugin < 0.40 - XML External Entity Injection
May 25, 2021
CVSS 8.8
EPSS 0.02
CVE-2021-21656
HIGH
Jenkins Xcode integration Plugin < 2.0.14 - XML External Entity Injection
May 11, 2021
CVSS 7.1
EPSS 0.02
CVE-2021-21655
HIGH
Jenkins P4 Plugin < 1.11.4 - Cross-Site Request Forgery
May 11, 2021
CVSS 7.1
EPSS 0.01
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters