jenkins
1,798 tracked vulnerabilities.
CVE-2020-2197
MEDIUM
Jenkins Project Inheritance Plugin < 19.08.02 - Unauthenticated Job Configuration Exposure via XML Format
Jun 03, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2196
HIGH
Jenkins Selenium Plugin < 3.141.59 - Cross-Site Request Forgery
Jun 03, 2020
CVSS 8.0
EPSS 0.01
CVE-2020-2195
MEDIUM
Jenkins Compact Columns Plugin <= 1.11 - Stored Cross-Site Scripting in Job Description Tooltips
Jun 03, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2194
MEDIUM
Jenkins ECharts API Plugin < 4.7.0-3 - Stored Cross-Site Scripting in Trend Chart Build Display Name
Jun 03, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2193
MEDIUM
Jenkins ECharts API Plugin < 4.7.0-3 - Stored Cross-Site Scripting in Chart Parser Identifier
Jun 03, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2192
MEDIUM
Jenkins Self-Organizing Swarm Modules Plugin < 3.20 - Cross-Site Request Forgery
Jun 03, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2191
MEDIUM
Jenkins Self-Organizing Swarm Modules Plugin < 3.20 - Unauthenticated Agent Label Manipulation via API Endpoints
Jun 03, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2190
MEDIUM
Jenkins Script Security Plugin <= 1.72 - Stored Cross-Site Scripting in In-process Script Approval Page
Jun 03, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2189
HIGH
Jenkins SCM Filter Jervis Plugin < 0.2.1 - Remote Code Execution via YAML Deserialization
May 06, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-2188
MEDIUM
Jenkins Amazon EC2 Plugin < 1.50.1 - Unauthenticated Credential ID Enumeration via Form Methods
May 06, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2187
MEDIUM
Jenkins Amazon EC2 Plugin < 1.50.1 - Improper Certificate Validation
May 06, 2020
CVSS 5.6
EPSS 0.00
CVE-2020-2186
MEDIUM
Jenkins Amazon EC2 Plugin < 1.50.1 - Cross-Site Request Forgery
May 06, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2185
MEDIUM
Jenkins Amazon EC2 Plugin <1.50.1 - Man-in-the-middle
May 06, 2020
CVSS 5.6
EPSS 0.01
CVE-2020-2184
MEDIUM
Jenkins CVS Plugin < 2.16 - Cross-Site Request Forgery
May 06, 2020
CVSS 4.3
EPSS 0.44
CVE-2020-2183
MEDIUM
Jenkins Copy Artifact Plugin < 1.43.1 - Unauthenticated Artifact Access via Improper Permission Checks
May 06, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2182
MEDIUM
Jenkins Credentials Binding Plugin < 1.22 - Insufficiently Protected Credentials
May 06, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2181
MEDIUM
Jenkins Credentials Binding Plugin < 1.22 - Insufficiently Protected Credentials in Build Log
May 06, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2180
HIGH
Jenkins Amazon Web Services Serverles... - Insecure Deserialization
Apr 16, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-2179
HIGH
Jenkins Yaml Axis Plugin <= 0.2.0 - Remote Code Execution via Unsafe YAML Deserialization
Apr 16, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-2178
HIGH
Jenkins Parasoft Findings Plugin < 10.4.3 - XML External Entity Injection
Apr 16, 2020
CVSS 7.1
EPSS 0.01
CVE-2020-2177
MEDIUM
Jenkins Copr Plugin < 0.3 - Cleartext Storage of Sensitive Information in Job Config Files
Apr 16, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2176
MEDIUM
Jenkins useMango Runner Plugin < 1.4 - Cross-Site Scripting via useMango Service Values
Apr 07, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2175
MEDIUM
Jenkins FitNesse Plugin < 1.31 - Stored Cross-Site Scripting via Report Content
Apr 07, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2174
MEDIUM
Jenkins AWSEB Deployment Plugin < 0.3.19 - Reflected Cross-Site Scripting via Form Validation Output
Apr 07, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-2173
MEDIUM
Jenkins Gatling Plugin < 1.2.7 - Cross-Site Scripting via Gatling Report Content
Apr 07, 2020
CVSS 5.4
EPSS 0.01
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters