jenkins
1,755 tracked vulnerabilities.
CVE-2019-10451
MEDIUM
Jenkins SOASTA CloudTest < 2.25 - Cleartext Storage of Sensitive Information in Global Configuration
Oct 16, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-10450
LOW
Jenkins ElasticBox CI Plugin < 5.0.1 - Cleartext Storage of Sensitive Information in Global Configuration
Oct 16, 2019
CVSS 3.3
EPSS 0.00
CVE-2019-10449
HIGH
Jenkins Fortify on Demand Plugin <4.0.0 & fortify-on-demand-uploader <5.0.0 - Cleartext Storage of Sensitive Info
Oct 16, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10448
HIGH
Jenkins Extensive Testing Plugin - Insufficiently Protected Credentials in Job Config Files
Oct 16, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10447
MEDIUM
Jenkins Sofy.AI Plugin < 1.0.3 - Cleartext Storage of Sensitive Information in Job config.xml
Oct 16, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-10446
HIGH
Jenkins Cadence vManager Plugin < 2.7.0 - SSL/TLS and Hostname Verification Disabled
Oct 16, 2019
CVSS 8.2
EPSS 0.00
CVE-2019-10445
MEDIUM
Jenkins Google Kubernetes Engine Plugin < 0.7.0 - Missing Authorization
Oct 16, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-10444
MEDIUM
Jenkins Bumblebee HP ALM Plugin < 4.1.3 - Improper Certificate Validation
Oct 16, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10443
HIGH
Jenkins iceScrum Plugin <= 1.1.4 - Cleartext Storage of Sensitive Information in Job Config Files
Oct 16, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10442
MEDIUM
Jenkins iceScrum < 1.1.5 - Missing Authorization for URL Connection
Oct 16, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-10441
MEDIUM
Jenkins iceScrum Plugin < 1.1.5 - Cross-Site Request Forgery
Oct 16, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-10440
HIGH
Jenkins NeoLoad Plugin < 2.2.5 - Cleartext Storage of Sensitive Information in Configuration Files
Oct 16, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10439
MEDIUM
Jenkins CRX Content Package Deployer Plugin < 1.8.1 - Credential ID Enumeration
Oct 16, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-10438
MEDIUM
Jenkins CRX Content Package Deployer < 1.8.1 - Missing Authorization for Credential Capture via URL Connection
Oct 16, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10437
HIGH
Jenkins CRX Content Package Deployer Plugin < 1.8.1 - Cross-Site Request Forgery
Oct 16, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10436
MEDIUM
Jenkins Google OAuth Credentials Plugin <0.9 - Info Disclosure
Oct 16, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10435
HIGH
Jenkins SourceGear Vault Plugin < 1.1.1 - Cleartext Transmission of Sensitive Credentials
Oct 01, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-10434
HIGH
Jenkins LDAP Email Plugin < 0.8 - Cleartext Transmission of Sensitive Credentials
Oct 01, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-10433
LOW
Jenkins Dingding Plugin <1.9 & dingding-notifications <2.0.0 - Cleartext Storage of Sensitive Info
Oct 01, 2019
CVSS 3.3
EPSS 0.00
CVE-2019-10432
MEDIUM
Jenkins HTML Publisher Plugin < 1.20 - Stored Cross-Site Scripting via Project and Build Display Names
Oct 01, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-10431
CRITICAL
Jenkins Script Security Plugin < 1.64 - Sandbox Bypass via Default Parameter Expressions
Oct 01, 2019
CVSS 9.9
EPSS 0.00
CVE-2019-10430
MEDIUM
Jenkins NeuVector Vulnerability Scanner < 1.5 - Cleartext Storage of Sensitive Information in Global Configuration
Sep 25, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10429
MEDIUM
Jenkins GitLab Logo Plugin < 1.0.3 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10428
HIGH
Jenkins Aqua Security Scanner Plugin <= 3.0.17 - Cleartext Transmission of Sensitive Credentials
Sep 25, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-10427
MEDIUM
Jenkins Aqua MicroScanner < 1.0.7 - Cleartext Transmission of Sensitive Credentials
Sep 25, 2019
CVSS 5.3
EPSS 0.00
Products
jenkins 259
pipeline\ 37
script_security 33
blue_ocean 11
git 11
email_extension 10
active_directory 9
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
ns-nd_integration_performance_publisher 8
credentials_binding 7
github_branch_source 7
html_publisher 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
github 6
github_pull_request_builder 6
gitlab 6
google_compute_engine 6
hashicorp_vault 6
Quick Filters