jenkins
1,798 tracked vulnerabilities.
CVE-2019-10444
MEDIUM
Jenkins Bumblebee HP ALM Plugin < 4.1.3 - Improper Certificate Validation
Oct 16, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10443
HIGH
Jenkins iceScrum Plugin <= 1.1.4 - Cleartext Storage of Sensitive Information in Job Config Files
Oct 16, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10442
MEDIUM
Jenkins iceScrum < 1.1.5 - Missing Authorization for URL Connection
Oct 16, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10441
MEDIUM
Jenkins iceScrum Plugin < 1.1.5 - Cross-Site Request Forgery
Oct 16, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10440
HIGH
Jenkins NeoLoad Plugin < 2.2.5 - Cleartext Storage of Sensitive Information in Configuration Files
Oct 16, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10439
MEDIUM
Jenkins CRX Content Package Deployer Plugin < 1.8.1 - Credential ID Enumeration
Oct 16, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10438
MEDIUM
Jenkins CRX Content Package Deployer < 1.8.1 - Missing Authorization for Credential Capture via URL Connection
Oct 16, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10437
HIGH
Jenkins CRX Content Package Deployer Plugin < 1.8.1 - Cross-Site Request Forgery
Oct 16, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10436
MEDIUM
Jenkins Google OAuth Credentials Plugin <0.9 - Info Disclosure
Oct 16, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10435
HIGH
Jenkins SourceGear Vault Plugin < 1.1.1 - Cleartext Transmission of Sensitive Credentials
Oct 01, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-10434
HIGH
Jenkins LDAP Email Plugin < 0.8 - Cleartext Transmission of Sensitive Credentials
Oct 01, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-10433
LOW
Jenkins Dingding Plugin <1.9 & dingding-notifications <2.0.0 - Cleartext Storage of Sensitive Info
Oct 01, 2019
CVSS 3.3
EPSS 0.00
CVE-2019-10432
MEDIUM
Jenkins HTML Publisher Plugin < 1.20 - Stored Cross-Site Scripting via Project and Build Display Names
Oct 01, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-10431
CRITICAL
Jenkins Script Security Plugin < 1.64 - Sandbox Bypass via Default Parameter Expressions
Oct 01, 2019
CVSS 9.9
EPSS 0.03
CVE-2019-10430
MEDIUM
Jenkins NeuVector Vulnerability Scanner < 1.5 - Cleartext Storage of Sensitive Information in Global Configuration
Sep 25, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10429
MEDIUM
Jenkins GitLab Logo Plugin < 1.0.3 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10428
HIGH
Jenkins Aqua Security Scanner Plugin <= 3.0.17 - Cleartext Transmission of Sensitive Credentials
Sep 25, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-10427
MEDIUM
Jenkins Aqua MicroScanner < 1.0.7 - Cleartext Transmission of Sensitive Credentials
Sep 25, 2019
CVSS 5.3
EPSS 0.01
CVE-2019-10426
MEDIUM
Jenkins Gem Publisher Plugin < 1.0 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10425
MEDIUM
Jenkins Google Calendar Plugin < 0.4 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10424
MEDIUM
Jenkins elOyente Plugin < 1.3 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10423
MEDIUM
Jenkins CodeScan Plugin < 0.11 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10422
MEDIUM
Jenkins Call Remote Job Plugin < 1.0.21 - Unprotected Credential Storage in config.xml
Sep 25, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10421
MEDIUM
Jenkins Azure Event Grid Build Notifier Plugin < 0.1 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10420
MEDIUM
Jenkins Assembla Plugin < 1.4 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 5.5
EPSS 0.00
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters