jenkins
1,798 tracked vulnerabilities.
CVE-2019-10312
MEDIUM
Jenkins Ansible Tower Plugin <= 0.9.1 - Missing Authorization in TowerInstallation Descriptor
Apr 30, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10311
HIGH
Jenkins Ansible Tower Plugin < 0.9.1 - Missing Authorization in TowerInstallation Connection Test
Apr 30, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10310
HIGH
Jenkins Ansible Tower Plugin < 0.9.1 - Cross-Site Request Forgery via TowerInstallation Connection Test
Apr 30, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10309
CRITICAL
Jenkins Self-Organizing Swarm Modules Plugin - XML External Entity Injection via UDP Broadcast Response
Apr 30, 2019
CVSS 9.3
EPSS 0.02
CVE-2019-10308
MEDIUM
Jenkins Static Analysis Utilities < 1.95 - Missing Authorization in DefaultGraphConfigurationView#doSave
Apr 30, 2019
CVSS 6.5
EPSS 0.02
CVE-2019-10307
MEDIUM
Jenkins Static Analysis Utilities Plugin < 1.95 - Cross-Site Request Forgery via DefaultGraphConfigurationView#doSave
Apr 30, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10306
CRITICAL
Jenkins ontrack < 3.4 - Sandbox Bypass via DSL Definition
Apr 18, 2019
CVSS 9.9
EPSS 0.02
CVE-2019-10305
MEDIUM
Jenkins XebiaLabs XL Deploy Plugin < 7.5.3 - Missing Authorization in Credential Validation
Apr 18, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10304
MEDIUM
Jenkins XebiaLabs XL Deploy Plugin < 7.5.3 - Cross-Site Request Forgery via Credential Form Validation
Apr 18, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10303
HIGH
Jenkins Azure PublisherSettings Credentials Plugin < 1.2 - Insufficiently Protected Credentials
Apr 18, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10302
HIGH
Jenkins jira-ext < 0.8 - Insufficiently Protected Credentials
Apr 18, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10301
HIGH
Jenkins GitLab Plugin < 1.5.11 - Missing Authorization in Connection Test
Apr 18, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10300
HIGH
Jenkins GitLab Plugin < 1.5.11 - Cross-Site Request Forgery via Test Connection Form
Apr 18, 2019
CVSS 8.0
EPSS 0.01
CVE-2019-1003050
MEDIUM
Jenkins < 2.164.2 - Stored Cross-Site Scripting via Job URL in f:validateButton
Apr 10, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-1003049
HIGH
Jenkins < 2.164.1 and < 2.171 - Insufficient Session Expiration
Apr 10, 2019
CVSS 8.1
EPSS 0.02
CVE-2019-10299
HIGH
Jenkins CloudCoreo DeployTime Plugin - Insufficiently Protected Credentials
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10298
HIGH
Jenkins Koji Plugin - Insufficiently Protected Credentials
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10297
HIGH
Jenkins Sametime Plugin - Insufficiently Protected Credentials
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10296
HIGH
Jenkins Serena SRA Deploy Plugin - Insufficiently Protected Credentials
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10295
HIGH
Jenkins crittercism-dsym Plugin - Insufficiently Protected Credentials in config.xml
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10294
HIGH
Jenkins Kmap Plugin - Insufficiently Protected Credentials in Job config.xml
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10293
MEDIUM
Jenkins Kmap Plugin - Missing Authorization in Form Validation Methods
Apr 04, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10292
MEDIUM
Jenkins Kmap Plugin - Cross-Site Request Forgery via Form Validation
Apr 04, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10291
HIGH
Jenkins Netsparker Cloud Scan Plugin < 1.1.5 - Insufficiently Protected Credentials
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10290
MEDIUM
Jenkins Netsparker Cloud Scan Plugin < 1.1.5 - Missing Authorization in NCScanBuilder Descriptor Validation
Apr 04, 2019
CVSS 6.5
EPSS 0.02
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters