jenkins
1,755 tracked vulnerabilities.
CVE-2019-10426
MEDIUM
Jenkins Gem Publisher Plugin < 1.0 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10425
MEDIUM
Jenkins Google Calendar Plugin < 0.4 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10424
MEDIUM
Jenkins elOyente Plugin < 1.3 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10423
MEDIUM
Jenkins CodeScan Plugin < 0.11 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10422
MEDIUM
Jenkins Call Remote Job Plugin < 1.0.21 - Unprotected Credential Storage in config.xml
Sep 25, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10421
MEDIUM
Jenkins Azure Event Grid Build Notifier Plugin < 0.1 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-10420
MEDIUM
Jenkins Assembla Plugin < 1.4 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10419
MEDIUM
Jenkins Vfabric Application Director < 1.3 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10418
CRITICAL
Jenkins Kubernetes::Pipeline::Arquillian Steps Plugin - Code Injection
Sep 25, 2019
CVSS 9.9
EPSS 0.00
CVE-2019-10417
CRITICAL
Jenkins Kubernetes::Pipeline::Kubernetes Steps Plugin - RCE
Sep 25, 2019
CVSS 9.9
EPSS 0.00
CVE-2019-10416
MEDIUM
Jenkins Violation Comments TO Gitlab < 2.28 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10415
MEDIUM
Jenkins Violation Comments TO Gitlab < 2.28 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10414
MEDIUM
Jenkins Git Changelog Plugin < 2.17 - Insufficiently Protected Credentials in Job Config Files
Sep 25, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10413
MEDIUM
Jenkins Data Theorem Mobile App Security < 1.3 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10412
HIGH
Jenkins Inedo ProGet Plugin < 1.2 - Cleartext Transmission of Sensitive Information
Sep 25, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-10411
HIGH
Jenkins Inedo BuildMaster Plugin < 2.4.0 - Cleartext Transmission of Sensitive Credentials
Sep 25, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-10410
MEDIUM
Jenkins Log Parser Plugin < 2.0 - Cross-Site Scripting via Error Message
Sep 25, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-10409
MEDIUM
Jenkins Project Inheritance Plugin < 19.08.01 - Missing Authorization
Sep 25, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-10408
MEDIUM
Jenkins Project Inheritance Plugin < 19.08.01 - Cross-Site Request Forgery
Sep 25, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10407
MEDIUM
Jenkins Project Inheritance Plugin < 2.0.0 - Exposure of Sensitive Information via Environment Variable Display
Sep 25, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10406
MEDIUM
Jenkins < 2.196 and LTS < 2.176.3 - Authenticated Stored Cross-Site Scripting via Jenkins URL Configuration
Sep 25, 2019
CVSS 4.8
EPSS 0.00
CVE-2019-10405
MEDIUM
NUCLEI
Jenkins < 2.196 and LTS < 2.176.3 - Cross-Site Scripting via /whoAmI/ Endpoint
Sep 25, 2019
CVSS 5.4
EPSS 0.80
CVE-2019-10404
MEDIUM
Jenkins < 2.176.3, < 2.196 - Stored Cross-Site Scripting in Queue Item Blocked Reason Tooltip
Sep 25, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-10403
MEDIUM
Jenkins < 2.196 and LTS < 2.176.3 - Stored Cross-Site Scripting in SCM Tag Action Tooltip
Sep 25, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-10402
MEDIUM
Jenkins < 2.176.3, < 2.196 - Stored Cross-Site Scripting via f:combobox Form Control
Sep 25, 2019
CVSS 5.4
EPSS 0.00
Products
jenkins 259
pipeline\ 37
script_security 33
blue_ocean 11
git 11
email_extension 10
active_directory 9
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
ns-nd_integration_performance_publisher 8
credentials_binding 7
github_branch_source 7
html_publisher 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
github 6
github_pull_request_builder 6
gitlab 6
google_compute_engine 6
hashicorp_vault 6
Quick Filters