jenkins

1,755 tracked vulnerabilities.

CVE-2017-2607 MEDIUM
Jenkins < 2.44 and < 2.32.2 - Stored Cross-Site Scripting via Console Notes
May 21, 2018
CVSS 4.2
EPSS 0.00
CVE-2017-2613 MEDIUM
Jenkins < 2.44 and < 2.32.2 - User Creation CSRF via GET Request
May 15, 2018
CVSS 5.4
EPSS 0.00
CVE-2017-2610 MEDIUM
Jenkins < 2.44 and < 2.32.2 - Stored Cross-Site Scripting in Search Suggestions
May 15, 2018
CVSS 5.4
EPSS 0.00
CVE-2017-2604 MEDIUM
Jenkins <2.44 - Privilege Escalation
May 15, 2018
CVSS 4.3
EPSS 0.00
CVE-2017-2603 LOW
Jenkins < 2.44 and 2.32.2 - User Data Leak in Disconnected Agents' config.xml API
May 15, 2018
CVSS 2.6
EPSS 0.00
CVE-2017-2602 LOW
Jenkins <2.44, 2.32.2 - Info Disclosure
May 15, 2018
CVSS 3.1
EPSS 0.00
CVE-2017-2612 MEDIUM
Jenkins <2.44, 2.32.2 - Privilege Escalation
May 15, 2018
CVSS 5.4
EPSS 0.00
CVE-2017-2608 HIGH
Jenkins < 2.44 and < 2.32.2 - Remote Code Execution via XStream Deserialization
May 15, 2018
CVSS 8.8
EPSS 0.03
CVE-2017-2600 MEDIUM
Jenkins < 2.44 and < 2.32.2 - Unauthenticated Information Disclosure via Node Monitor Remote API
May 15, 2018
CVSS 4.3
EPSS 0.00
CVE-2017-2601 MEDIUM
Jenkins < 2.44 and < 2.32.2 - Stored Cross-Site Scripting in Parameter Names and Descriptions
May 10, 2018
CVSS 5.4
EPSS 0.00
CVE-2017-2606 MEDIUM
Jenkins < 2.44 and < 2.32.2 - Unauthenticated Exposure of Sensitive Item Names via Internal API
May 08, 2018
CVSS 4.3
EPSS 0.00
CVE-2017-2611 MEDIUM
Jenkins <2.44, 2.32.2 - Privilege Escalation
May 08, 2018
CVSS 4.3
EPSS 0.00
CVE-2017-2599 MEDIUM
Jenkins < 2.44 and < 2.32.2 - Incorrect Authorization via Item Overwrite
Apr 11, 2018
CVSS 5.4
EPSS 0.00
CVE-2017-1000356 HIGH
Jenkins <2.56 & <2.46.1 LTS - Privilege Escalation
Jan 29, 2018
CVSS 8.8
EPSS 0.07
CVE-2017-1000355 MEDIUM
Jenkins < 2.56 and < 2.46.1 - Denial of Service via XStream Void Type Instantiation
Jan 29, 2018
CVSS 6.5
EPSS 0.00
CVE-2017-1000354 HIGH
Jenkins <2.56-<2.46.1 LTS - Privilege Escalation
Jan 29, 2018
CVSS 8.8
EPSS 0.00
CVE-2017-1000353 CRITICAL KEVNUCLEI
Jenkins < 2.56 and < 2.46.1 - Unauthenticated Remote Code Execution via Java Deserialization
Jan 29, 2018
CVSS 9.8
EPSS 0.94
CVE-2017-1000404 MEDIUM
Jenkins Delivery Pipeline Plugin <1.0.7 - XSS
Jan 26, 2018
CVSS 6.1
EPSS 0.00
CVE-2017-1000403 HIGH
Jenkins Speaks! - Privilege Escalation
Jan 26, 2018
CVSS 8.8
EPSS 0.00
CVE-2017-1000402 MEDIUM
Jenkins Swarm Plugin Client <3.4 - Man-in-the-middle
Jan 26, 2018
CVSS 5.9
EPSS 0.00
CVE-2017-1000401 LOW
Jenkins 2.73.1-2.83 - Info Disclosure
Jan 26, 2018
CVSS 2.2
EPSS 0.00
CVE-2017-1000400 MEDIUM
Jenkins <2.73.1, <2.83 - Info Disclosure
Jan 26, 2018
CVSS 4.3
EPSS 0.00
CVE-2017-1000399 MEDIUM
Jenkins <2.73.1, <2.83 - Info Disclosure
Jan 26, 2018
CVSS 4.3
EPSS 0.00
CVE-2017-1000398 MEDIUM
Jenkins <2.73.1, <2.83 - Info Disclosure
Jan 26, 2018
CVSS 4.3
EPSS 0.00
CVE-2017-1000397 MEDIUM
Jenkins Maven Plugin <2.17 - Man-in-the-middle
Jan 26, 2018
CVSS 5.9
EPSS 0.00
Products
jenkins 259 pipeline\ 37 script_security 33 blue_ocean 11 git 11 email_extension 10 active_directory 9 build_failure_analyzer 9 config_file_provider 9 configuration_as_code 9 ns-nd_integration_performance_publisher 8 credentials_binding 7 github_branch_source 7 html_publisher 7 kubernetes 7 openid_connect_authentication 7 openshift_deployer 7 rundeck 7 subversion 7 amazon_ec2 6 azure_ad 6 azure_vm_agents 6 deployment_dashboard 6 electricflow 6 gerrit_trigger 6 github 6 github_pull_request_builder 6 gitlab 6 google_compute_engine 6 hashicorp_vault 6
Quick Filters
Critical CVEs With Exploits In CISA KEV