jenkins
1,798 tracked vulnerabilities.
CVE-2020-2145
MEDIUM
Jenkins Zephyr Enterprise Test Management Plugin < 1.9.1 - Insufficiently Protected Credentials
Mar 09, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-2144
HIGH
Jenkins Rundeck Plugin < 3.6.6 - XML External Entity Injection
Mar 09, 2020
CVSS 7.1
EPSS 0.01
CVE-2020-2143
MEDIUM
Jenkins Logstash Plugin < 2.3.1 - Cleartext Transmission of Sensitive Credentials
Mar 09, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-2142
MEDIUM
Jenkins P4 Plugin < 1.10.10 - Unauthenticated Build Trigger via Missing Permission Check
Mar 09, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2141
MEDIUM
Jenkins P4 Plugin < 1.10.10 - Cross-Site Request Forgery
Mar 09, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2140
MEDIUM
NUCLEI
Jenkins Audit Trail Plugin < 3.2 - Reflected Cross-Site Scripting via URL Patterns Field
Mar 09, 2020
CVSS 6.1
EPSS 0.76
CVE-2020-2139
MEDIUM
Jenkins Cobertura < 1.16 - Arbitrary File Write via Coverage Report File
Mar 09, 2020
CVSS 6.5
EPSS 0.02
CVE-2020-2138
HIGH
Jenkins Cobertura Plugin < 1.15 - XML External Entity Injection
Mar 09, 2020
CVSS 7.1
EPSS 0.01
CVE-2020-2137
MEDIUM
Jenkins Timestamper Plugin <= 1.11.1 - Stored Cross-Site Scripting
Mar 09, 2020
CVSS 4.8
EPSS 0.01
CVE-2020-2136
MEDIUM
Jenkins Git Plugin < 4.2.0 - Stored Cross-Site Scripting via Repository URL Error Message
Mar 09, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2135
HIGH
Jenkins Script Security Plugin < 1.70 - Sandbox Bypass via GroovyInterceptable Method Calls
Mar 09, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-2134
HIGH
Jenkins Script Security Plugin < 1.70 - Sandbox Bypass via Crafted Constructor Calls
Mar 09, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-2133
MEDIUM
Jenkins Applatix Plugin < 1.1 - Insufficiently Protected Credentials in Job Config
Feb 12, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2132
MEDIUM
Jenkins Parasoft Environment Manager Plugin < 2.14 - Insufficiently Protected Credentials in Job Config
Feb 12, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2131
MEDIUM
Jenkins Harvest SCM Plugin <= 0.5.1 - Insufficiently Protected Credentials in Job config.xml
Feb 12, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2130
MEDIUM
Jenkins Harvest SCM Plugin <= 0.5.1 - Insufficiently Protected Credentials
Feb 12, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2129
MEDIUM
Jenkins Eagle Tester Plugin < 1.0.9 - Insufficiently Protected Credentials
Feb 12, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2128
MEDIUM
Jenkins ECX Copy Data Management Plugin < 1.9 - Unencrypted Password Storage in Job Config
Feb 12, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2127
MEDIUM
Jenkins BMC Release Package and Deployment Plugin < 1.1 - Unencrypted Credential Storage
Feb 12, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2126
MEDIUM
Jenkins DigitalOcean Plugin <= 1.1 - Insufficiently Protected Credentials
Feb 12, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2125
MEDIUM
Jenkins Debian Package Builder Plugin < 1.6.11 - Insufficiently Protected Credentials
Feb 12, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2124
MEDIUM
Jenkins Dynamic Extended Choice Parameter Plugin < 1.0.1 - Insufficiently Protected Credentials
Feb 12, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2123
HIGH
Jenkins RadarGun Plugin < 1.7 - Remote Code Execution via YAML Deserialization
Feb 12, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-2122
MEDIUM
Jenkins Brakeman Plugin < 0.12 - Stored Cross-Site Scripting via Unescaped JSON Values
Feb 12, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2121
HIGH
Jenkins Google Kubernetes Engine Plugin < 0.8.0 - Remote Code Execution via YAML Parser
Feb 12, 2020
CVSS 8.8
EPSS 0.03
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters