jenkins
1,798 tracked vulnerabilities.
CVE-2019-10394
MEDIUM
Jenkins Script Security Plugin <1.62 - RCE
Sep 12, 2019
CVSS 4.2
EPSS 0.01
CVE-2019-10393
MEDIUM
Jenkins Script Security Plugin <1.62 - RCE
Sep 12, 2019
CVSS 4.2
EPSS 0.01
CVE-2019-10392
HIGH
Jenkins Git Client Plugin < 2.8.4 - OS Command Injection via Git ls-remote URL Argument
Sep 12, 2019
CVSS 8.8
EPSS 0.26
CVE-2019-10391
MEDIUM
Jenkins IBM Application Security on Cloud Plugin < 1.2.4 - Cleartext Transmission of Sensitive Information
Aug 28, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10390
HIGH
Jenkins Splunk Plugin < 1.7.4 - Authenticated Remote Code Execution via Groovy Script Endpoint
Aug 28, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10384
HIGH
Jenkins < 2.176.3 - Cross-Site Request Forgery via Non-Expiring CSRF Tokens
Aug 28, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10383
MEDIUM
Jenkins < 2.176.3 - Authenticated Stored Cross-Site Scripting via Update Site URL Configuration
Aug 28, 2019
CVSS 4.8
EPSS 0.01
CVE-2019-10389
MEDIUM
Jenkins Relution Enterprise Appstore Publisher < 1.24 - Server-Side Request Forgery
Aug 07, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10388
MEDIUM
Jenkins Relution Enterprise Appstore Publisher < 1.24 - Cross-Site Request Forgery
Aug 07, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10387
MEDIUM
Jenkins XL TestView Plugin < 1.2.0 - Missing Authorization in XLTestView.XLTestDescriptor#doTestConnection
Aug 07, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10386
HIGH
Jenkins XL TestView Plugin < 1.2.0 - Cross-Site Request Forgery via Test Connection Endpoint
Aug 07, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10385
MEDIUM
Jenkins eggPlant Plugin < 2.2 - Insufficiently Protected Credentials in Job Config Files
Aug 07, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10382
MEDIUM
Jenkins VMware Lab Manager Slaves Plugin <= 0.2.8 - Improper Certificate Validation
Aug 07, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10381
HIGH
Jenkins Codefresh Integration Plugin < 1.8 - SSL/TLS and Hostname Verification Disabled
Aug 07, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-10380
HIGH
Jenkins Simple Travis Pipeline Runner Plugin <1.0 - RCE
Aug 07, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10378
MEDIUM
Jenkins TestLink Plugin <= 3.16 - Insufficiently Protected Credentials
Aug 07, 2019
CVSS 5.3
EPSS 0.01
CVE-2019-10377
MEDIUM
Jenkins Avatar Plugin < 1.2 - Missing Authorization for User Avatar Changes
Aug 07, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10376
MEDIUM
Jenkins Wall Display Plugin < 0.6.34 - Reflected Cross-Site Scripting
Aug 07, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-10375
MEDIUM
Jenkins File System SCM Plugin <2.1 - Info Disclosure
Aug 07, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10374
MEDIUM
Jenkins PegDown Formatter Plugin < 1.3 - Stored Cross-Site Scripting via JavaScript Scheme Links
Aug 07, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-10373
MEDIUM
Jenkins Build Pipeline Plugin < 1.5.8 - Stored Cross-Site Scripting via Build Pipeline Description
Aug 07, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-10372
MEDIUM
Jenkins Gitlab Authentication Plugin < 1.4 - Open Redirect via GitLabSecurityRealm
Aug 07, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-10371
HIGH
Jenkins Gitlab Auth Plugin <1.4 - Privilege Escalation
Aug 07, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-10370
MEDIUM
Jenkins Mask Passwords Plugin < 2.12.0 - Plaintext Password Exposure in Configuration Form
Aug 07, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10369
MEDIUM
Jenkins JClouds Plugin < 2.14 - Missing Authorization in Test Connection Endpoint
Aug 07, 2019
CVSS 6.5
EPSS 0.01
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters