jenkins

1,798 tracked vulnerabilities.

CVE-2020-2197 MEDIUM
Jenkins Project Inheritance Plugin < 19.08.02 - Unauthenticated Job Configuration Exposure via XML Format
Jun 03, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2196 HIGH
Jenkins Selenium Plugin < 3.141.59 - Cross-Site Request Forgery
Jun 03, 2020
CVSS 8.0
EPSS 0.01
CVE-2020-2195 MEDIUM
Jenkins Compact Columns Plugin <= 1.11 - Stored Cross-Site Scripting in Job Description Tooltips
Jun 03, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2194 MEDIUM
Jenkins ECharts API Plugin < 4.7.0-3 - Stored Cross-Site Scripting in Trend Chart Build Display Name
Jun 03, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2193 MEDIUM
Jenkins ECharts API Plugin < 4.7.0-3 - Stored Cross-Site Scripting in Chart Parser Identifier
Jun 03, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2192 MEDIUM
Jenkins Self-Organizing Swarm Modules Plugin < 3.20 - Cross-Site Request Forgery
Jun 03, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2191 MEDIUM
Jenkins Self-Organizing Swarm Modules Plugin < 3.20 - Unauthenticated Agent Label Manipulation via API Endpoints
Jun 03, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2190 MEDIUM
Jenkins Script Security Plugin <= 1.72 - Stored Cross-Site Scripting in In-process Script Approval Page
Jun 03, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2189 HIGH
Jenkins SCM Filter Jervis Plugin < 0.2.1 - Remote Code Execution via YAML Deserialization
May 06, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-2188 MEDIUM
Jenkins Amazon EC2 Plugin < 1.50.1 - Unauthenticated Credential ID Enumeration via Form Methods
May 06, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2187 MEDIUM
Jenkins Amazon EC2 Plugin < 1.50.1 - Improper Certificate Validation
May 06, 2020
CVSS 5.6
EPSS 0.00
CVE-2020-2186 MEDIUM
Jenkins Amazon EC2 Plugin < 1.50.1 - Cross-Site Request Forgery
May 06, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2185 MEDIUM
Jenkins Amazon EC2 Plugin <1.50.1 - Man-in-the-middle
May 06, 2020
CVSS 5.6
EPSS 0.01
CVE-2020-2184 MEDIUM
Jenkins CVS Plugin < 2.16 - Cross-Site Request Forgery
May 06, 2020
CVSS 4.3
EPSS 0.44
CVE-2020-2183 MEDIUM
Jenkins Copy Artifact Plugin < 1.43.1 - Unauthenticated Artifact Access via Improper Permission Checks
May 06, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2182 MEDIUM
Jenkins Credentials Binding Plugin < 1.22 - Insufficiently Protected Credentials
May 06, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2181 MEDIUM
Jenkins Credentials Binding Plugin < 1.22 - Insufficiently Protected Credentials in Build Log
May 06, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2180 HIGH
Jenkins Amazon Web Services Serverles... - Insecure Deserialization
Apr 16, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-2179 HIGH
Jenkins Yaml Axis Plugin <= 0.2.0 - Remote Code Execution via Unsafe YAML Deserialization
Apr 16, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-2178 HIGH
Jenkins Parasoft Findings Plugin < 10.4.3 - XML External Entity Injection
Apr 16, 2020
CVSS 7.1
EPSS 0.01
CVE-2020-2177 MEDIUM
Jenkins Copr Plugin < 0.3 - Cleartext Storage of Sensitive Information in Job Config Files
Apr 16, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2176 MEDIUM
Jenkins useMango Runner Plugin < 1.4 - Cross-Site Scripting via useMango Service Values
Apr 07, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2175 MEDIUM
Jenkins FitNesse Plugin < 1.31 - Stored Cross-Site Scripting via Report Content
Apr 07, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2174 MEDIUM
Jenkins AWSEB Deployment Plugin < 0.3.19 - Reflected Cross-Site Scripting via Form Validation Output
Apr 07, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-2173 MEDIUM
Jenkins Gatling Plugin < 1.2.7 - Cross-Site Scripting via Gatling Report Content
Apr 07, 2020
CVSS 5.4
EPSS 0.01