jenkins

1,798 tracked vulnerabilities.

CVE-2018-1000055 HIGH
Jenkins Android Lint Plugin <2.5 - SSRF/DoS
Feb 09, 2018
CVSS 8.3
EPSS 0.01
CVE-2018-1000054 HIGH
Jenkins CCM Plugin < 3.1 - XML External Entity Injection in Build Process
Feb 09, 2018
CVSS 8.3
EPSS 0.01
CVE-2018-1000015 MEDIUM
Jenkins Pipeline: Nodes and Processes < 2.17 - Missing Authorization for Pipeline Node Blocks
Jan 23, 2018
CVSS 4.8
EPSS 0.01
CVE-2018-1000014 HIGH
Jenkins Translation Assistance Plugin < 1.15 - Cross-Site Request Forgery
Jan 23, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-1000013 HIGH
Jenkins Release Plugin < 2.9 - Cross-Site Request Forgery via Form Submission
Jan 23, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-1000012 HIGH
Jenkins Warnings Plugin < 4.64 - XML External Entity Injection
Jan 23, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-1000011 HIGH
Jenkins FindBugs Plugin < 4.71 - XML External Entity Injection in Build Process
Jan 23, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-1000010 HIGH
Jenkins DRY Plugin < 2.49 - Authenticated XML External Entity Injection
Jan 23, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-1000009 HIGH
Jenkins Checkstyle Plugin < 3.49 - XML External Entity Injection
Jan 23, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-1000008 HIGH
Jenkins PMD Plugin < 3.49 - XML External Entity Injection
Jan 23, 2018
CVSS 8.8
EPSS 0.01
CVE-2017-2654 LOW
Jenkins Email Extension < 2.57.1 - Information Exposure via Dynamic Recipient List
Aug 06, 2018
CVSS 3.7
EPSS 0.01
CVE-2017-2652 HIGH
Jenkins Distributed Fork < 1.5.0 - Authenticated Remote Code Execution via dist-fork CLI Command
Jul 27, 2018
CVSS 8.8
EPSS 0.01
CVE-2017-2650 HIGH
Pipeline: Classpath Step - Authentication Bypass via Script Security Sandbox
Jul 27, 2018
CVSS 8.5
EPSS 0.01
CVE-2017-2649 HIGH
Jenkins Active Directory Plugin <= 2.2 - Improper Certificate Validation
Jul 27, 2018
CVSS 8.1
EPSS 0.01
CVE-2017-2648 MEDIUM
Jenkins SSH Slaves Plugin < 1.15 - Man-in-the-Middle via Missing Host Key Verification
Jul 27, 2018
CVSS 6.8
EPSS 0.01
CVE-2017-2651 LOW
Jenkins Mailer < 1.20 - Information Disclosure via Dynamic User List Feature
Jul 27, 2018
CVSS 3.7
EPSS 0.02
CVE-2017-2598 MEDIUM
Jenkins < 2.44 and < 2.32.2 - Inadequate Encryption Strength for Secrets
May 23, 2018
CVSS 4.3
EPSS 0.01
CVE-2017-2609 MEDIUM
Jenkins < 2.44 and < 2.32.2 - Unauthorized Information Disclosure via Search Suggestions
May 22, 2018
CVSS 4.3
EPSS 0.02
CVE-2017-2607 MEDIUM
Jenkins < 2.44 and < 2.32.2 - Stored Cross-Site Scripting via Console Notes
May 21, 2018
CVSS 4.2
EPSS 0.01
CVE-2017-2613 MEDIUM
Jenkins < 2.44 and < 2.32.2 - User Creation CSRF via GET Request
May 15, 2018
CVSS 5.4
EPSS 0.02
CVE-2017-2610 MEDIUM
Jenkins < 2.44 and < 2.32.2 - Stored Cross-Site Scripting in Search Suggestions
May 15, 2018
CVSS 5.4
EPSS 0.02
CVE-2017-2604 MEDIUM
Jenkins <2.44 - Privilege Escalation
May 15, 2018
CVSS 4.3
EPSS 0.01
CVE-2017-2603 LOW
Jenkins < 2.44 and 2.32.2 - User Data Leak in Disconnected Agents' config.xml API
May 15, 2018
CVSS 2.6
EPSS 0.01
CVE-2017-2602 LOW
Jenkins <2.44, 2.32.2 - Info Disclosure
May 15, 2018
CVSS 3.1
EPSS 0.02
CVE-2017-2612 MEDIUM
Jenkins <2.44, 2.32.2 - Privilege Escalation
May 15, 2018
CVSS 5.4
EPSS 0.02