jenkins
1,798 tracked vulnerabilities.
CVE-2020-2172
MEDIUM
Jenkins Code Coverage API Plugin < 1.1.4 - XML External Entity Injection
Apr 07, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2171
HIGH
Jenkins RapidDeploy Plugin < 4.2 - XML External Entity Injection
Mar 25, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-2170
MEDIUM
Jenkins RapidDeploy Plugin < 4.2 - Stored Cross-Site Scripting via Package Name
Mar 25, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2169
MEDIUM
Jenkins Queue Cleanup Plugin < 1.3 - Reflected Cross-Site Scripting via Form Validation Endpoint
Mar 25, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-2168
HIGH
Jenkins Azure Container Service Plugin <= 1.0.1 - Remote Code Execution via YAML Parser
Mar 25, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-2167
HIGH
Jenkins OpenShift Pipeline Plugin <= 1.0.56 - Remote Code Execution via YAML Parser
Mar 25, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-2166
HIGH
Jenkins Pipeline: AWS Steps Plugin < 1.40 - Remote Code Execution via YAML Deserialization
Mar 25, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-2163
MEDIUM
Jenkins < 2.204.5 and < 2.227 - Stored Cross-Site Scripting in List View Column Headers
Mar 25, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2162
MEDIUM
Jenkins < 2.228 - Stored Cross-Site Scripting via Uploaded Build File Parameters
Mar 25, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2161
MEDIUM
Jenkins < 2.204.5 and < 2.227 - Stored Cross-Site Scripting in Node Label Form Validation
Mar 25, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2160
HIGH
Jenkins < 2.204.6 - Cross-Site Request Forgery Protection Bypass via URL Path Representation
Mar 25, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-2159
HIGH
Jenkins CryptoMove Plugin < 0.1.33 - Authenticated OS Command Injection
Mar 09, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-2158
HIGH
Jenkins Literate Plugin < 1.0 - Remote Code Execution via YAML Deserialization
Mar 09, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-2157
MEDIUM
Jenkins Skytap Cloud CI Plugin <= 2.07 - Cleartext Transmission of Sensitive Credentials
Mar 09, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2156
MEDIUM
Jenkins DeployHub Plugin <= 8.0.14 - Cleartext Transmission of Sensitive Credentials
Mar 09, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2155
MEDIUM
Jenkins OpenShift Deployer Plugin <= 1.2.0 - Cleartext Transmission of Sensitive Credentials
Mar 09, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-2154
MEDIUM
Jenkins Zephyr for JIRA Test Management Plugin < 1.5 - Cleartext Storage of Sensitive Information
Mar 09, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-2153
MEDIUM
Jenkins Backlog Plugin < 2.4 - Cleartext Transmission of Sensitive Credentials
Mar 09, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2152
MEDIUM
Jenkins Subversion Release Manager Plugin < 1.2 - Reflected Cross-Site Scripting via Repository URL Field
Mar 09, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-2151
MEDIUM
Jenkins Quality Gates Plugin < 2.5 - Cleartext Transmission of Sensitive Information in Global Configuration Form
Mar 09, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-2150
MEDIUM
Jenkins Sonar Quality Gates Plugin < 1.3.1 - Cleartext Transmission of Sensitive Credentials
Mar 09, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-2149
MEDIUM
Jenkins Repository Connector Plugin < 1.2.6 - Cleartext Transmission of Sensitive Credentials
Mar 09, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-2148
MEDIUM
Jenkins Mac Plugin < 1.1.0 - Missing Permission Check for SSH Connection
Mar 09, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2147
MEDIUM
Jenkins Mac Plugin < 1.1.0 - Cross-Site Request Forgery
Mar 09, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2146
HIGH
Jenkins Mac Plugin < 1.1.0 - Improper Verification of Cryptographic Signature
Mar 09, 2020
CVSS 7.4
EPSS 0.01
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters