jenkins

1,798 tracked vulnerabilities.

CVE-2025-47887 MEDIUM
Jenkins Cadence vManager < 4.0.1-286.v9e25a_740b_a_48 - Missing Authorization
May 14, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-47886 MEDIUM
Jenkins Cadence vManager < 4.0.1-286.v9e25a_740b_a_48 - Cross-Site Request Forgery
May 14, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-47885 HIGH
Jenkins Health Advisor by CloudBees < 374.v194b_d4f0c8c8 - Stored Cross-Site Scripting via Server Response
May 14, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-47884 CRITICAL
Jenkins OpenID Connect Provider Plugin < 96.vee8ed882ec4d - Impersonation via Environment Variable Override
May 14, 2025
CVSS 9.1
EPSS 0.01
CVE-2025-32755 CRITICAL
Jenkins/ssh-slave Docker - Privilege Escalation
Apr 10, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-32754 CRITICAL
Jenkins/ssh-agent Docker <6.11.1 - Privilege Escalation
Apr 10, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-31728 MEDIUM
Jenkins AsakusaSatellite Plugin <0.1.1 - Info Disclosure
Apr 02, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-31727 MEDIUM
Jenkins AsakusaSatellite Plugin <0.1.1 - Info Disclosure
Apr 02, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-31726 MEDIUM
Jenkins Stack Hammer Plugin <1.0.6 - Info Disclosure
Apr 02, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-31725 MEDIUM
Jenkins monitor-remote-job Plugin 1.0 - Info Disclosure
Apr 02, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-31724 MEDIUM
Jenkins Cadence vManager Plugin <4.0.0-282.v5096a_c2db_275 - Info D...
Apr 02, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-31723 MEDIUM
Jenkins Simple Queue Plugin <1.4.6 - CSRF
Apr 02, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-31722 HIGH
Jenkins Templating Engine Plugin <2.5.3 - RCE
Apr 02, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-31721 MEDIUM
Jenkins <2.503 - Privilege Escalation
Apr 02, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-31720 MEDIUM
Jenkins <2.503-<2.492.2 - Privilege Escalation
Apr 02, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-30197 LOW
Jenkins Zoho QEngine Plugin <1.0.29 - Info Disclosure
Mar 19, 2025
CVSS 3.1
EPSS 0.00
CVE-2025-30196 MEDIUM
Jenkins AnchorChain Plugin 1.0 - XSS
Mar 19, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-27625 MEDIUM
Jenkins < 2.492.2, < 2.500 - URL Redirection to Untrusted Site via Backslash Character Handling
Mar 05, 2025
CVSS 4.3
EPSS 0.01
CVE-2025-27624 MEDIUM
Jenkins < 2.492.2, 2.493-2.499 - Cross-Site Request Forgery
Mar 05, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-27623 MEDIUM
Jenkins < 2.492.2 and < 2.500 - Cleartext Storage of Sensitive Information in View Config
Mar 05, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-27622 MEDIUM
Jenkins < 2.492.2, 2.493-2.499 - Cleartext Storage of Sensitive Information in Agent config.xml
Mar 05, 2025
CVSS 4.3
EPSS 0.01
CVE-2025-24403 MEDIUM
Jenkins Azure Service Fabric Plugin < 1.6 - Missing Authorization for Azure Credential ID Enumeration
Jan 22, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-24402 MEDIUM
Jenkins Azure Service Fabric Plugin < 1.6 - Cross-Site Request Forgery
Jan 22, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-24401 MEDIUM
Jenkins Folder-based Authorization Strategy Plugin < 217.vd5b_18537403e - Incorrect Authorization
Jan 22, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-24400 MEDIUM
Jenkins Eiffel Broadcaster Plugin 2.8.0-2.10.2 - Incorrect Authorization via Credential ID Cache Key
Jan 22, 2025
CVSS 4.3
EPSS 0.00