jenkins
1,798 tracked vulnerabilities.
CVE-2019-10469
MEDIUM
Jenkins Kubernetes CI < 1.3 - Missing Permission Check for Credential Capture
Oct 23, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10468
HIGH
Jenkins Kubernetes CI < 1.3 - Cross-Site Request Forgery via Credential Capture
Oct 23, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10467
MEDIUM
Jenkins Sonar Gerrit Plugin < 2.3 - Insufficiently Protected Credentials in Job Config
Oct 23, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10466
HIGH
Jenkins 360 FireLine Plugin < 1.7.2 - XML External Entity Injection
Oct 23, 2019
CVSS 8.1
EPSS 0.01
CVE-2019-10465
MEDIUM
Jenkins Deploy WebLogic Plugin < 4.1 - Server-Side Request Forgery and Information Disclosure via URL Connection
Oct 23, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10464
HIGH
Jenkins Deploy WebLogic Plugin < 4.1 - Cross-Site Request Forgery
Oct 23, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10463
MEDIUM
Jenkins Dynatrace Application Monitoring < 2.1.4 - Incorrect Default Permissions
Oct 23, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10462
HIGH
Jenkins Dynatrace Application Monitoring < 2.1.3 - Cross-Site Request Forgery
Oct 23, 2019
CVSS 8.1
EPSS 0.01
CVE-2019-10461
HIGH
Jenkins Dynatrace Application Monitoring < 2.1.3 - Insufficiently Protected Credentials
Oct 23, 2019
CVSS 7.8
EPSS 0.00
CVE-2019-10460
HIGH
Jenkins Bitbucket OAuth Plugin < 0.9 - Unprotected Credential Storage in config.xml
Oct 23, 2019
CVSS 7.8
EPSS 0.00
CVE-2019-10459
MEDIUM
Jenkins Mattermost Notification Plugin < 2.7.0 - Insufficiently Protected Credentials in Global Configuration
Oct 23, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10458
CRITICAL
Jenkins Puppet Enterprise Pipeline <1.3.1 - Code Injection
Oct 16, 2019
CVSS 9.9
EPSS 0.02
CVE-2019-10457
MEDIUM
Jenkins Oracle Cloud Infrastructure Compute Classic Plugin < 1.0.0 - Missing Authorization
Oct 16, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10456
MEDIUM
Jenkins Oracle Cloud Infrastructure Compute Classic Plugin < 1.0.0 - Cross-Site Request Forgery
Oct 16, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10455
MEDIUM
Jenkins Rundeck Plugin < 3.6.5 and org.jenkins-ci.plugins/rundeck < 3.6.6 - Missing Authorization for URL Connection
Oct 16, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10454
MEDIUM
Jenkins Rundeck Plugin < 3.6.5 - Cross-Site Request Forgery
Oct 16, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10453
HIGH
Jenkins Delphix Plugin < 2.0.4 - Cleartext Storage of Sensitive Information in Global Configuration
Oct 16, 2019
CVSS 7.8
EPSS 0.00
CVE-2019-10452
MEDIUM
Jenkins View26 Test-Reporting Plugin < 1.0.7 - Cleartext Storage of Sensitive Information in Job Config Files
Oct 16, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-10451
MEDIUM
Jenkins SOASTA CloudTest < 2.25 - Cleartext Storage of Sensitive Information in Global Configuration
Oct 16, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-10450
LOW
Jenkins ElasticBox CI Plugin < 5.0.1 - Cleartext Storage of Sensitive Information in Global Configuration
Oct 16, 2019
CVSS 3.3
EPSS 0.00
CVE-2019-10449
HIGH
Jenkins Fortify on Demand Plugin <4.0.0 & fortify-on-demand-uploader <5.0.0 - Cleartext Storage of Sensitive Info
Oct 16, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10448
HIGH
Jenkins Extensive Testing Plugin - Insufficiently Protected Credentials in Job Config Files
Oct 16, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10447
MEDIUM
Jenkins Sofy.AI Plugin < 1.0.3 - Cleartext Storage of Sensitive Information in Job config.xml
Oct 16, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10446
HIGH
Jenkins Cadence vManager Plugin < 2.7.0 - SSL/TLS and Hostname Verification Disabled
Oct 16, 2019
CVSS 8.2
EPSS 0.01
CVE-2019-10445
MEDIUM
Jenkins Google Kubernetes Engine Plugin < 0.7.0 - Missing Authorization
Oct 16, 2019
CVSS 4.3
EPSS 0.01
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters