jenkins
1,798 tracked vulnerabilities.
CVE-2019-1003009
HIGH
Jenkins Active Directory Plugin <2.10 - RCE
Feb 06, 2019
CVSS 7.4
EPSS 0.01
CVE-2019-1003008
HIGH
Jenkins Warnings Next Gen <2.1.1 - CSRF
Feb 06, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-1003007
HIGH
Jenkins Warnings Plugin <5.0.0 - CSRF
Feb 06, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-1003006
HIGH
Jenkins Groovy < 2.0 - Authenticated Remote Code Execution via StringScriptSource
Feb 06, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-1003005
HIGH
Jenkins Script Security Plugin <1.50 - RCE
Feb 06, 2019
CVSS 8.8
EPSS 0.19
CVE-2019-1003004
HIGH
Jenkins <2.158 - Privilege Escalation
Jan 22, 2019
CVSS 7.2
EPSS 0.02
CVE-2019-1003003
HIGH
Jenkins < 2.150.1 and < 2.158 - Improper Authorization via Remember Me Cookie
Jan 22, 2019
CVSS 7.2
EPSS 0.02
CVE-2019-1003002
HIGH
Pipeline: Declarative Plugin <1.3.3 - RCE
Jan 22, 2019
CVSS 8.8
EPSS 0.82
CVE-2019-1003001
HIGH
Pipeline: Groovy Plugin <2.61 - RCE
Jan 22, 2019
CVSS 8.8
EPSS 0.86
CVE-2019-1003000
HIGH
NUCLEI
Jenkins Script Security Plugin < 1.50 - Sandbox Bypass Remote Code Execution
Jan 22, 2019
CVSS 8.8
EPSS 0.98
CVE-2018-1000997
MEDIUM
Jenkins < 2.138.1, < 2.145 - Path Traversal in Stapler Web Framework
Jan 23, 2019
CVSS 6.5
EPSS 0.03
CVE-2018-1000426
MEDIUM
Jenkins Git Changelog Plugin <2.6 - XSS
Jan 09, 2019
CVSS 6.1
EPSS 0.01
CVE-2018-1000417
HIGH
Jenkins Email Extension Template Plugin <1.0 - CSRF
Jan 09, 2019
CVSS 8.1
EPSS 0.01
CVE-2018-1000414
HIGH
Jenkins Config File Provider Plugin <3.1 - CSRF
Jan 09, 2019
CVSS 8.1
EPSS 0.01
CVE-2018-1000413
MEDIUM
Jenkins Config File Provider Plugin <3.1 - XSS
Jan 09, 2019
CVSS 5.4
EPSS 0.01
CVE-2018-1000412
HIGH
Jenkins Jira Plugin <3.0.1 - Auth Bypass
Jan 09, 2019
CVSS 8.8
EPSS 0.01
CVE-2018-1000411
MEDIUM
Jenkins JUnit Plugin < 1.25 - Cross-Site Request Forgery in TestObject.java
Jan 09, 2019
CVSS 6.5
EPSS 0.01
CVE-2018-1000410
HIGH
Jenkins < 2.145 and LTS < 2.138.1 - Authenticated Exposure of Sensitive Information via Form Submission Handling
Jan 09, 2019
CVSS 7.8
EPSS 0.00
CVE-2018-1000409
MEDIUM
Jenkins < 2.138.1, < 2.145 - Session Fixation via User Signup
Jan 09, 2019
CVSS 5.4
EPSS 0.01
CVE-2018-1000408
MEDIUM
Jenkins ACL Bypass and Metaprogramming RCE
Jan 09, 2019
CVSS 6.5
EPSS 0.01
CVE-2018-1000407
MEDIUM
Jenkins < 2.138.2 - Cross-Site Scripting via API URL Rendering
Jan 09, 2019
CVSS 6.1
EPSS 0.02
CVE-2018-1000406
MEDIUM
Jenkins < 2.138.1, < 2.145 - Authenticated Path Traversal and Arbitrary File Write via File Parameter
Jan 09, 2019
CVSS 6.5
EPSS 0.04
CVE-2018-1000866
HIGH
Pipeline: Groovy Plugin <2.59 - Code Injection
Dec 10, 2018
CVSS 8.8
EPSS 0.02
CVE-2018-1000865
HIGH
Jenkins Script Security Plugin < 1.47 - Sandbox Bypass via SandboxTransformer
Dec 10, 2018
CVSS 8.8
EPSS 0.02
CVE-2018-1000864
MEDIUM
Jenkins < 2.153 and LTS < 2.138.3 - Denial of Service via Infinite Loop in CronTab.java
Dec 10, 2018
CVSS 6.5
EPSS 0.03
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters