jenkins

1,798 tracked vulnerabilities.

CVE-2019-1003009 HIGH
Jenkins Active Directory Plugin <2.10 - RCE
Feb 06, 2019
CVSS 7.4
EPSS 0.01
CVE-2019-1003008 HIGH
Jenkins Warnings Next Gen <2.1.1 - CSRF
Feb 06, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-1003007 HIGH
Jenkins Warnings Plugin <5.0.0 - CSRF
Feb 06, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-1003006 HIGH
Jenkins Groovy < 2.0 - Authenticated Remote Code Execution via StringScriptSource
Feb 06, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-1003005 HIGH
Jenkins Script Security Plugin <1.50 - RCE
Feb 06, 2019
CVSS 8.8
EPSS 0.19
CVE-2019-1003004 HIGH
Jenkins <2.158 - Privilege Escalation
Jan 22, 2019
CVSS 7.2
EPSS 0.02
CVE-2019-1003003 HIGH
Jenkins < 2.150.1 and < 2.158 - Improper Authorization via Remember Me Cookie
Jan 22, 2019
CVSS 7.2
EPSS 0.02
CVE-2019-1003002 HIGH
Pipeline: Declarative Plugin <1.3.3 - RCE
Jan 22, 2019
CVSS 8.8
EPSS 0.82
CVE-2019-1003001 HIGH
Pipeline: Groovy Plugin <2.61 - RCE
Jan 22, 2019
CVSS 8.8
EPSS 0.86
CVE-2019-1003000 HIGH NUCLEI
Jenkins Script Security Plugin < 1.50 - Sandbox Bypass Remote Code Execution
Jan 22, 2019
CVSS 8.8
EPSS 0.98
CVE-2018-1000997 MEDIUM
Jenkins < 2.138.1, < 2.145 - Path Traversal in Stapler Web Framework
Jan 23, 2019
CVSS 6.5
EPSS 0.03
CVE-2018-1000426 MEDIUM
Jenkins Git Changelog Plugin <2.6 - XSS
Jan 09, 2019
CVSS 6.1
EPSS 0.01
CVE-2018-1000417 HIGH
Jenkins Email Extension Template Plugin <1.0 - CSRF
Jan 09, 2019
CVSS 8.1
EPSS 0.01
CVE-2018-1000414 HIGH
Jenkins Config File Provider Plugin <3.1 - CSRF
Jan 09, 2019
CVSS 8.1
EPSS 0.01
CVE-2018-1000413 MEDIUM
Jenkins Config File Provider Plugin <3.1 - XSS
Jan 09, 2019
CVSS 5.4
EPSS 0.01
CVE-2018-1000412 HIGH
Jenkins Jira Plugin <3.0.1 - Auth Bypass
Jan 09, 2019
CVSS 8.8
EPSS 0.01
CVE-2018-1000411 MEDIUM
Jenkins JUnit Plugin < 1.25 - Cross-Site Request Forgery in TestObject.java
Jan 09, 2019
CVSS 6.5
EPSS 0.01
CVE-2018-1000410 HIGH
Jenkins < 2.145 and LTS < 2.138.1 - Authenticated Exposure of Sensitive Information via Form Submission Handling
Jan 09, 2019
CVSS 7.8
EPSS 0.00
CVE-2018-1000409 MEDIUM
Jenkins < 2.138.1, < 2.145 - Session Fixation via User Signup
Jan 09, 2019
CVSS 5.4
EPSS 0.01
CVE-2018-1000408 MEDIUM
Jenkins ACL Bypass and Metaprogramming RCE
Jan 09, 2019
CVSS 6.5
EPSS 0.01
CVE-2018-1000407 MEDIUM
Jenkins < 2.138.2 - Cross-Site Scripting via API URL Rendering
Jan 09, 2019
CVSS 6.1
EPSS 0.02
CVE-2018-1000406 MEDIUM
Jenkins < 2.138.1, < 2.145 - Authenticated Path Traversal and Arbitrary File Write via File Parameter
Jan 09, 2019
CVSS 6.5
EPSS 0.04
CVE-2018-1000866 HIGH
Pipeline: Groovy Plugin <2.59 - Code Injection
Dec 10, 2018
CVSS 8.8
EPSS 0.02
CVE-2018-1000865 HIGH
Jenkins Script Security Plugin < 1.47 - Sandbox Bypass via SandboxTransformer
Dec 10, 2018
CVSS 8.8
EPSS 0.02
CVE-2018-1000864 MEDIUM
Jenkins < 2.153 and LTS < 2.138.3 - Denial of Service via Infinite Loop in CronTab.java
Dec 10, 2018
CVSS 6.5
EPSS 0.03