jenkins

1,798 tracked vulnerabilities.

CVE-2019-10394 MEDIUM
Jenkins Script Security Plugin <1.62 - RCE
Sep 12, 2019
CVSS 4.2
EPSS 0.01
CVE-2019-10393 MEDIUM
Jenkins Script Security Plugin <1.62 - RCE
Sep 12, 2019
CVSS 4.2
EPSS 0.01
CVE-2019-10392 HIGH
Jenkins Git Client Plugin < 2.8.4 - OS Command Injection via Git ls-remote URL Argument
Sep 12, 2019
CVSS 8.8
EPSS 0.26
CVE-2019-10391 MEDIUM
Jenkins IBM Application Security on Cloud Plugin < 1.2.4 - Cleartext Transmission of Sensitive Information
Aug 28, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10390 HIGH
Jenkins Splunk Plugin < 1.7.4 - Authenticated Remote Code Execution via Groovy Script Endpoint
Aug 28, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10384 HIGH
Jenkins < 2.176.3 - Cross-Site Request Forgery via Non-Expiring CSRF Tokens
Aug 28, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10383 MEDIUM
Jenkins < 2.176.3 - Authenticated Stored Cross-Site Scripting via Update Site URL Configuration
Aug 28, 2019
CVSS 4.8
EPSS 0.01
CVE-2019-10389 MEDIUM
Jenkins Relution Enterprise Appstore Publisher < 1.24 - Server-Side Request Forgery
Aug 07, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10388 MEDIUM
Jenkins Relution Enterprise Appstore Publisher < 1.24 - Cross-Site Request Forgery
Aug 07, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10387 MEDIUM
Jenkins XL TestView Plugin < 1.2.0 - Missing Authorization in XLTestView.XLTestDescriptor#doTestConnection
Aug 07, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10386 HIGH
Jenkins XL TestView Plugin < 1.2.0 - Cross-Site Request Forgery via Test Connection Endpoint
Aug 07, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10385 MEDIUM
Jenkins eggPlant Plugin < 2.2 - Insufficiently Protected Credentials in Job Config Files
Aug 07, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10382 MEDIUM
Jenkins VMware Lab Manager Slaves Plugin <= 0.2.8 - Improper Certificate Validation
Aug 07, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10381 HIGH
Jenkins Codefresh Integration Plugin < 1.8 - SSL/TLS and Hostname Verification Disabled
Aug 07, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-10380 HIGH
Jenkins Simple Travis Pipeline Runner Plugin <1.0 - RCE
Aug 07, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10378 MEDIUM
Jenkins TestLink Plugin <= 3.16 - Insufficiently Protected Credentials
Aug 07, 2019
CVSS 5.3
EPSS 0.01
CVE-2019-10377 MEDIUM
Jenkins Avatar Plugin < 1.2 - Missing Authorization for User Avatar Changes
Aug 07, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10376 MEDIUM
Jenkins Wall Display Plugin < 0.6.34 - Reflected Cross-Site Scripting
Aug 07, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-10375 MEDIUM
Jenkins File System SCM Plugin <2.1 - Info Disclosure
Aug 07, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10374 MEDIUM
Jenkins PegDown Formatter Plugin < 1.3 - Stored Cross-Site Scripting via JavaScript Scheme Links
Aug 07, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-10373 MEDIUM
Jenkins Build Pipeline Plugin < 1.5.8 - Stored Cross-Site Scripting via Build Pipeline Description
Aug 07, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-10372 MEDIUM
Jenkins Gitlab Authentication Plugin < 1.4 - Open Redirect via GitLabSecurityRealm
Aug 07, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-10371 HIGH
Jenkins Gitlab Auth Plugin <1.4 - Privilege Escalation
Aug 07, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-10370 MEDIUM
Jenkins Mask Passwords Plugin < 2.12.0 - Plaintext Password Exposure in Configuration Form
Aug 07, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10369 MEDIUM
Jenkins JClouds Plugin < 2.14 - Missing Authorization in Test Connection Endpoint
Aug 07, 2019
CVSS 6.5
EPSS 0.01