jenkins
1,798 tracked vulnerabilities.
CVE-2018-1000055
HIGH
Jenkins Android Lint Plugin <2.5 - SSRF/DoS
Feb 09, 2018
CVSS 8.3
EPSS 0.01
CVE-2018-1000054
HIGH
Jenkins CCM Plugin < 3.1 - XML External Entity Injection in Build Process
Feb 09, 2018
CVSS 8.3
EPSS 0.01
CVE-2018-1000015
MEDIUM
Jenkins Pipeline: Nodes and Processes < 2.17 - Missing Authorization for Pipeline Node Blocks
Jan 23, 2018
CVSS 4.8
EPSS 0.01
CVE-2018-1000014
HIGH
Jenkins Translation Assistance Plugin < 1.15 - Cross-Site Request Forgery
Jan 23, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-1000013
HIGH
Jenkins Release Plugin < 2.9 - Cross-Site Request Forgery via Form Submission
Jan 23, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-1000012
HIGH
Jenkins Warnings Plugin < 4.64 - XML External Entity Injection
Jan 23, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-1000011
HIGH
Jenkins FindBugs Plugin < 4.71 - XML External Entity Injection in Build Process
Jan 23, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-1000010
HIGH
Jenkins DRY Plugin < 2.49 - Authenticated XML External Entity Injection
Jan 23, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-1000009
HIGH
Jenkins Checkstyle Plugin < 3.49 - XML External Entity Injection
Jan 23, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-1000008
HIGH
Jenkins PMD Plugin < 3.49 - XML External Entity Injection
Jan 23, 2018
CVSS 8.8
EPSS 0.01
CVE-2017-2654
LOW
Jenkins Email Extension < 2.57.1 - Information Exposure via Dynamic Recipient List
Aug 06, 2018
CVSS 3.7
EPSS 0.01
CVE-2017-2652
HIGH
Jenkins Distributed Fork < 1.5.0 - Authenticated Remote Code Execution via dist-fork CLI Command
Jul 27, 2018
CVSS 8.8
EPSS 0.01
CVE-2017-2650
HIGH
Pipeline: Classpath Step - Authentication Bypass via Script Security Sandbox
Jul 27, 2018
CVSS 8.5
EPSS 0.01
CVE-2017-2649
HIGH
Jenkins Active Directory Plugin <= 2.2 - Improper Certificate Validation
Jul 27, 2018
CVSS 8.1
EPSS 0.01
CVE-2017-2648
MEDIUM
Jenkins SSH Slaves Plugin < 1.15 - Man-in-the-Middle via Missing Host Key Verification
Jul 27, 2018
CVSS 6.8
EPSS 0.01
CVE-2017-2651
LOW
Jenkins Mailer < 1.20 - Information Disclosure via Dynamic User List Feature
Jul 27, 2018
CVSS 3.7
EPSS 0.02
CVE-2017-2598
MEDIUM
Jenkins < 2.44 and < 2.32.2 - Inadequate Encryption Strength for Secrets
May 23, 2018
CVSS 4.3
EPSS 0.01
CVE-2017-2609
MEDIUM
Jenkins < 2.44 and < 2.32.2 - Unauthorized Information Disclosure via Search Suggestions
May 22, 2018
CVSS 4.3
EPSS 0.02
CVE-2017-2607
MEDIUM
Jenkins < 2.44 and < 2.32.2 - Stored Cross-Site Scripting via Console Notes
May 21, 2018
CVSS 4.2
EPSS 0.01
CVE-2017-2613
MEDIUM
Jenkins < 2.44 and < 2.32.2 - User Creation CSRF via GET Request
May 15, 2018
CVSS 5.4
EPSS 0.02
CVE-2017-2610
MEDIUM
Jenkins < 2.44 and < 2.32.2 - Stored Cross-Site Scripting in Search Suggestions
May 15, 2018
CVSS 5.4
EPSS 0.02
CVE-2017-2604
MEDIUM
Jenkins <2.44 - Privilege Escalation
May 15, 2018
CVSS 4.3
EPSS 0.01
CVE-2017-2603
LOW
Jenkins < 2.44 and 2.32.2 - User Data Leak in Disconnected Agents' config.xml API
May 15, 2018
CVSS 2.6
EPSS 0.01
CVE-2017-2602
LOW
Jenkins <2.44, 2.32.2 - Info Disclosure
May 15, 2018
CVSS 3.1
EPSS 0.02
CVE-2017-2612
MEDIUM
Jenkins <2.44, 2.32.2 - Privilege Escalation
May 15, 2018
CVSS 5.4
EPSS 0.02
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters