jenkins

1,798 tracked vulnerabilities.

CVE-2019-10312 MEDIUM
Jenkins Ansible Tower Plugin <= 0.9.1 - Missing Authorization in TowerInstallation Descriptor
Apr 30, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10311 HIGH
Jenkins Ansible Tower Plugin < 0.9.1 - Missing Authorization in TowerInstallation Connection Test
Apr 30, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10310 HIGH
Jenkins Ansible Tower Plugin < 0.9.1 - Cross-Site Request Forgery via TowerInstallation Connection Test
Apr 30, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10309 CRITICAL
Jenkins Self-Organizing Swarm Modules Plugin - XML External Entity Injection via UDP Broadcast Response
Apr 30, 2019
CVSS 9.3
EPSS 0.02
CVE-2019-10308 MEDIUM
Jenkins Static Analysis Utilities < 1.95 - Missing Authorization in DefaultGraphConfigurationView#doSave
Apr 30, 2019
CVSS 6.5
EPSS 0.02
CVE-2019-10307 MEDIUM
Jenkins Static Analysis Utilities Plugin < 1.95 - Cross-Site Request Forgery via DefaultGraphConfigurationView#doSave
Apr 30, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10306 CRITICAL
Jenkins ontrack < 3.4 - Sandbox Bypass via DSL Definition
Apr 18, 2019
CVSS 9.9
EPSS 0.02
CVE-2019-10305 MEDIUM
Jenkins XebiaLabs XL Deploy Plugin < 7.5.3 - Missing Authorization in Credential Validation
Apr 18, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10304 MEDIUM
Jenkins XebiaLabs XL Deploy Plugin < 7.5.3 - Cross-Site Request Forgery via Credential Form Validation
Apr 18, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10303 HIGH
Jenkins Azure PublisherSettings Credentials Plugin < 1.2 - Insufficiently Protected Credentials
Apr 18, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10302 HIGH
Jenkins jira-ext < 0.8 - Insufficiently Protected Credentials
Apr 18, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10301 HIGH
Jenkins GitLab Plugin < 1.5.11 - Missing Authorization in Connection Test
Apr 18, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10300 HIGH
Jenkins GitLab Plugin < 1.5.11 - Cross-Site Request Forgery via Test Connection Form
Apr 18, 2019
CVSS 8.0
EPSS 0.01
CVE-2019-1003050 MEDIUM
Jenkins < 2.164.2 - Stored Cross-Site Scripting via Job URL in f:validateButton
Apr 10, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-1003049 HIGH
Jenkins < 2.164.1 and < 2.171 - Insufficient Session Expiration
Apr 10, 2019
CVSS 8.1
EPSS 0.02
CVE-2019-10299 HIGH
Jenkins CloudCoreo DeployTime Plugin - Insufficiently Protected Credentials
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10298 HIGH
Jenkins Koji Plugin - Insufficiently Protected Credentials
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10297 HIGH
Jenkins Sametime Plugin - Insufficiently Protected Credentials
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10296 HIGH
Jenkins Serena SRA Deploy Plugin - Insufficiently Protected Credentials
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10295 HIGH
Jenkins crittercism-dsym Plugin - Insufficiently Protected Credentials in config.xml
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10294 HIGH
Jenkins Kmap Plugin - Insufficiently Protected Credentials in Job config.xml
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10293 MEDIUM
Jenkins Kmap Plugin - Missing Authorization in Form Validation Methods
Apr 04, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10292 MEDIUM
Jenkins Kmap Plugin - Cross-Site Request Forgery via Form Validation
Apr 04, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10291 HIGH
Jenkins Netsparker Cloud Scan Plugin < 1.1.5 - Insufficiently Protected Credentials
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10290 MEDIUM
Jenkins Netsparker Cloud Scan Plugin < 1.1.5 - Missing Authorization in NCScanBuilder Descriptor Validation
Apr 04, 2019
CVSS 6.5
EPSS 0.02