jenkins

1,755 tracked vulnerabilities.

CVE-2018-1000602 MEDIUM
Jenkins SAML Plugin <1.0.6 - Privilege Escalation
Jun 26, 2018
CVSS 5.9
EPSS 0.00
CVE-2018-1000601 MEDIUM
Jenkins SSH Credentials Plugin <1.13 - Info Disclosure
Jun 26, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-1000600 HIGH NUCLEI
Jenkins GitHub Plugin <1.29.1 - Info Disclosure
Jun 26, 2018
CVSS 8.8
EPSS 0.94
CVE-2018-1000202 MEDIUM
Jenkins Groovy Postbuild Plugin <2.3.1 - XSS
Jun 05, 2018
CVSS 5.4
EPSS 0.00
CVE-2018-1000198 MEDIUM
Jenkins Black Duck Hub Plugin <3.1.0 - SSRF
Jun 05, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-1000197 HIGH
Jenkins Black Duck Hub Plugin <3.0.3 - Auth Bypass
Jun 05, 2018
CVSS 8.1
EPSS 0.00
CVE-2018-1000196 MEDIUM
Jenkins Gitlab Hook Plugin <1.4.2 - Info Disclosure
Jun 05, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-1000195 MEDIUM
Jenkins < 2.120 and LTS < 2.107.2 - Server-Side Request Forgery via ZipExtractionInstaller
Jun 05, 2018
CVSS 4.3
EPSS 0.01
CVE-2018-1000194 HIGH
Jenkins < 2.120 and LTS < 2.107.2 - Path Traversal and Arbitrary File Write via FilePath and SoloFilePathFilter
Jun 05, 2018
CVSS 8.1
EPSS 0.00
CVE-2018-1000193 MEDIUM
Jenkins < 2.120 and LTS < 2.107.2 - User Impersonation via Control Character Injection in Username
Jun 05, 2018
CVSS 4.3
EPSS 0.01
CVE-2018-1000192 MEDIUM
Jenkins < 2.120 and LTS < 2.107.2 - Information Exposure in AboutJenkins.java and ListPluginsCommand.java
Jun 05, 2018
CVSS 4.3
EPSS 0.00
CVE-2018-1000191 MEDIUM
Jenkins Black Duck Detect Plugin <1.4.0 - Info Disclosure
Jun 05, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-1000190 MEDIUM
Jenkins Black Duck Hub Plugin <4.0.0 - Info Disclosure
Jun 05, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-1000189 HIGH
Jenkins Absint Astree Plugin <1.0.5 - Command Injection
Jun 05, 2018
CVSS 8.8
EPSS 0.00
CVE-2018-1000188 MEDIUM
Jenkins CAS Plugin < 1.4.1 - Server-Side Request Forgery via CasSecurityRealm.java
Jun 05, 2018
CVSS 5.4
EPSS 0.00
CVE-2018-1000187 MEDIUM
Jenkins Kubernetes Plugin <1.7.0 - Info Disclosure
Jun 05, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-1000186 MEDIUM
Jenkins GitHub Pull Request Builder Plugin <1.41.0 - Info Disclosure
Jun 05, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-1000185 MEDIUM
Jenkins GitHub Branch Source Plugin <2.3.4 - SSRF
Jun 05, 2018
CVSS 4.3
EPSS 0.00
CVE-2018-1000184 MEDIUM
Jenkins GitHub Plugin <1.29.0 - SSRF
Jun 05, 2018
CVSS 5.4
EPSS 0.00
CVE-2018-1000183 MEDIUM
Jenkins GitHub Plugin <1.29.0 - Info Disclosure
Jun 05, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-1000182 MEDIUM
Jenkins Git Plugin < 3.9.0 - Server-Side Request Forgery via Repository Browser
Jun 05, 2018
CVSS 6.4
EPSS 0.00
CVE-2018-1000177 MEDIUM
Jenkins S3 Plugin < 0.10.12 - Stored Cross-Site Scripting via Uploaded File Names
May 08, 2018
CVSS 5.4
EPSS 0.00
CVE-2018-1000176 MEDIUM
Jenkins Email Extension Plugin <2.61 - Info Disclosure
May 08, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-1000175 MEDIUM
Jenkins HTML Publisher Plugin <1.15 - Path Traversal
May 08, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-1000174 MEDIUM
Jenkins Google Login Plugin <1.3 - Open Redirect
May 08, 2018
CVSS 6.1
EPSS 0.00
Products
jenkins 259 pipeline\ 37 script_security 33 blue_ocean 11 git 11 email_extension 10 active_directory 9 build_failure_analyzer 9 config_file_provider 9 configuration_as_code 9 ns-nd_integration_performance_publisher 8 credentials_binding 7 github_branch_source 7 html_publisher 7 kubernetes 7 openid_connect_authentication 7 openshift_deployer 7 rundeck 7 subversion 7 amazon_ec2 6 azure_ad 6 azure_vm_agents 6 deployment_dashboard 6 electricflow 6 gerrit_trigger 6 github 6 github_pull_request_builder 6 gitlab 6 google_compute_engine 6 hashicorp_vault 6
Quick Filters
Critical CVEs With Exploits In CISA KEV