jenkins
1,798 tracked vulnerabilities.
CVE-2025-47887
MEDIUM
Jenkins Cadence vManager < 4.0.1-286.v9e25a_740b_a_48 - Missing Authorization
May 14, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-47886
MEDIUM
Jenkins Cadence vManager < 4.0.1-286.v9e25a_740b_a_48 - Cross-Site Request Forgery
May 14, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-47885
HIGH
Jenkins Health Advisor by CloudBees < 374.v194b_d4f0c8c8 - Stored Cross-Site Scripting via Server Response
May 14, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-47884
CRITICAL
Jenkins OpenID Connect Provider Plugin < 96.vee8ed882ec4d - Impersonation via Environment Variable Override
May 14, 2025
CVSS 9.1
EPSS 0.01
CVE-2025-32755
CRITICAL
Jenkins/ssh-slave Docker - Privilege Escalation
Apr 10, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-32754
CRITICAL
Jenkins/ssh-agent Docker <6.11.1 - Privilege Escalation
Apr 10, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-31728
MEDIUM
Jenkins AsakusaSatellite Plugin <0.1.1 - Info Disclosure
Apr 02, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-31727
MEDIUM
Jenkins AsakusaSatellite Plugin <0.1.1 - Info Disclosure
Apr 02, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-31726
MEDIUM
Jenkins Stack Hammer Plugin <1.0.6 - Info Disclosure
Apr 02, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-31725
MEDIUM
Jenkins monitor-remote-job Plugin 1.0 - Info Disclosure
Apr 02, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-31724
MEDIUM
Jenkins Cadence vManager Plugin <4.0.0-282.v5096a_c2db_275 - Info D...
Apr 02, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-31723
MEDIUM
Jenkins Simple Queue Plugin <1.4.6 - CSRF
Apr 02, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-31722
HIGH
Jenkins Templating Engine Plugin <2.5.3 - RCE
Apr 02, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-31721
MEDIUM
Jenkins <2.503 - Privilege Escalation
Apr 02, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-31720
MEDIUM
Jenkins <2.503-<2.492.2 - Privilege Escalation
Apr 02, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-30197
LOW
Jenkins Zoho QEngine Plugin <1.0.29 - Info Disclosure
Mar 19, 2025
CVSS 3.1
EPSS 0.00
CVE-2025-30196
MEDIUM
Jenkins AnchorChain Plugin 1.0 - XSS
Mar 19, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-27625
MEDIUM
Jenkins < 2.492.2, < 2.500 - URL Redirection to Untrusted Site via Backslash Character Handling
Mar 05, 2025
CVSS 4.3
EPSS 0.01
CVE-2025-27624
MEDIUM
Jenkins < 2.492.2, 2.493-2.499 - Cross-Site Request Forgery
Mar 05, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-27623
MEDIUM
Jenkins < 2.492.2 and < 2.500 - Cleartext Storage of Sensitive Information in View Config
Mar 05, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-27622
MEDIUM
Jenkins < 2.492.2, 2.493-2.499 - Cleartext Storage of Sensitive Information in Agent config.xml
Mar 05, 2025
CVSS 4.3
EPSS 0.01
CVE-2025-24403
MEDIUM
Jenkins Azure Service Fabric Plugin < 1.6 - Missing Authorization for Azure Credential ID Enumeration
Jan 22, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-24402
MEDIUM
Jenkins Azure Service Fabric Plugin < 1.6 - Cross-Site Request Forgery
Jan 22, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-24401
MEDIUM
Jenkins Folder-based Authorization Strategy Plugin < 217.vd5b_18537403e - Incorrect Authorization
Jan 22, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-24400
MEDIUM
Jenkins Eiffel Broadcaster Plugin 2.8.0-2.10.2 - Incorrect Authorization via Credential ID Cache Key
Jan 22, 2025
CVSS 4.3
EPSS 0.00
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters