jenkins

1,798 tracked vulnerabilities.

CVE-2019-10444 MEDIUM
Jenkins Bumblebee HP ALM Plugin < 4.1.3 - Improper Certificate Validation
Oct 16, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10443 HIGH
Jenkins iceScrum Plugin <= 1.1.4 - Cleartext Storage of Sensitive Information in Job Config Files
Oct 16, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10442 MEDIUM
Jenkins iceScrum < 1.1.5 - Missing Authorization for URL Connection
Oct 16, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10441 MEDIUM
Jenkins iceScrum Plugin < 1.1.5 - Cross-Site Request Forgery
Oct 16, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10440 HIGH
Jenkins NeoLoad Plugin < 2.2.5 - Cleartext Storage of Sensitive Information in Configuration Files
Oct 16, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10439 MEDIUM
Jenkins CRX Content Package Deployer Plugin < 1.8.1 - Credential ID Enumeration
Oct 16, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10438 MEDIUM
Jenkins CRX Content Package Deployer < 1.8.1 - Missing Authorization for Credential Capture via URL Connection
Oct 16, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10437 HIGH
Jenkins CRX Content Package Deployer Plugin < 1.8.1 - Cross-Site Request Forgery
Oct 16, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10436 MEDIUM
Jenkins Google OAuth Credentials Plugin <0.9 - Info Disclosure
Oct 16, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10435 HIGH
Jenkins SourceGear Vault Plugin < 1.1.1 - Cleartext Transmission of Sensitive Credentials
Oct 01, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-10434 HIGH
Jenkins LDAP Email Plugin < 0.8 - Cleartext Transmission of Sensitive Credentials
Oct 01, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-10433 LOW
Jenkins Dingding Plugin <1.9 & dingding-notifications <2.0.0 - Cleartext Storage of Sensitive Info
Oct 01, 2019
CVSS 3.3
EPSS 0.00
CVE-2019-10432 MEDIUM
Jenkins HTML Publisher Plugin < 1.20 - Stored Cross-Site Scripting via Project and Build Display Names
Oct 01, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-10431 CRITICAL
Jenkins Script Security Plugin < 1.64 - Sandbox Bypass via Default Parameter Expressions
Oct 01, 2019
CVSS 9.9
EPSS 0.03
CVE-2019-10430 MEDIUM
Jenkins NeuVector Vulnerability Scanner < 1.5 - Cleartext Storage of Sensitive Information in Global Configuration
Sep 25, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10429 MEDIUM
Jenkins GitLab Logo Plugin < 1.0.3 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10428 HIGH
Jenkins Aqua Security Scanner Plugin <= 3.0.17 - Cleartext Transmission of Sensitive Credentials
Sep 25, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-10427 MEDIUM
Jenkins Aqua MicroScanner < 1.0.7 - Cleartext Transmission of Sensitive Credentials
Sep 25, 2019
CVSS 5.3
EPSS 0.01
CVE-2019-10426 MEDIUM
Jenkins Gem Publisher Plugin < 1.0 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10425 MEDIUM
Jenkins Google Calendar Plugin < 0.4 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10424 MEDIUM
Jenkins elOyente Plugin < 1.3 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10423 MEDIUM
Jenkins CodeScan Plugin < 0.11 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10422 MEDIUM
Jenkins Call Remote Job Plugin < 1.0.21 - Unprotected Credential Storage in config.xml
Sep 25, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10421 MEDIUM
Jenkins Azure Event Grid Build Notifier Plugin < 0.1 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10420 MEDIUM
Jenkins Assembla Plugin < 1.4 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 5.5
EPSS 0.00