jenkins

1,798 tracked vulnerabilities.

CVE-2017-1000389 MEDIUM
Jenkins global-build-stats <1.4 - CSRF/XSS
Jan 26, 2018
CVSS 6.1
EPSS 0.01
CVE-2017-1000388 MEDIUM
Jenkins Dependency Graph Viewer <0.12 - Privilege Escalation
Jan 26, 2018
CVSS 4.3
EPSS 0.01
CVE-2017-1000387 HIGH
Jenkins Build-Publisher <1.21 - Info Disclosure
Jan 26, 2018
CVSS 7.8
EPSS 0.00
CVE-2017-1000386 MEDIUM
Jenkins Active Choices <1.5.3 - XSS
Jan 26, 2018
CVSS 5.4
EPSS 0.01
CVE-2017-1000505 MEDIUM
Jenkins Script Security Plugin <1.36 - Info Disclosure
Jan 25, 2018
CVSS 6.5
EPSS 0.01
CVE-2017-1000504 HIGH
Jenkins < 2.89.1, < 2.94, >=2.81 <2.89.2 - Cross-Site Request Forgery via Race Condition During Startup
Jan 24, 2018
CVSS 8.1
EPSS 0.01
CVE-2017-1000503 HIGH
Jenkins 2.81-2.94 and 2.89.1 - Race Condition during Initialization
Jan 24, 2018
CVSS 8.1
EPSS 0.01
CVE-2017-1000502 HIGH
Jenkins EC2 < 1.37 - Authenticated OS Command Injection via Agent Configuration
Jan 24, 2018
CVSS 8.8
EPSS 0.02
CVE-2017-17383 MEDIUM
Jenkins < 2.94 - Authenticated Cross-Site Scripting via Job Configuration Tool Name
Dec 06, 2017
CVSS 4.7
EPSS 0.01
CVE-2017-1000245 CRITICAL
Jenkins SSH Plugin < 2.4 - Insufficiently Protected Credentials
Nov 01, 2017
CVSS 9.8
EPSS 0.01
CVE-2017-1000244 HIGH
Jenkins Favorite Plugin <2.2.0 - CSRF
Nov 01, 2017
CVSS 8.8
EPSS 0.01
CVE-2017-1000243 MEDIUM
Jenkins Favorite Plugin <2.1.4 - Privilege Escalation
Nov 01, 2017
CVSS 4.3
EPSS 0.01
CVE-2017-1000242 LOW
Jenkins Git Client Plugin <2.4.2 - Info Disclosure
Nov 01, 2017
CVSS 3.3
EPSS 0.00
CVE-2017-1000114 LOW
Datadog Plugin < 0.5.6 and 0.6.0-0.6.1 - API Key Exposure via Plaintext Transmission in Configuration Form
Oct 05, 2017
CVSS 3.1
EPSS 0.01
CVE-2017-1000113 MEDIUM
Deploy to Container Plugin - Info Disclosure
Oct 05, 2017
CVSS 5.5
EPSS 0.00
CVE-2017-1000110 MEDIUM
Blue Ocean < 1.1.5 - Improper Authentication in GitHub Organization Folder Configuration
Oct 05, 2017
CVSS 4.3
EPSS 0.01
CVE-2017-1000109 MEDIUM
OWASP Dependency-Check Plugin - XSS
Oct 05, 2017
CVSS 6.1
EPSS 0.01
CVE-2017-1000108 HIGH
Pipeline: Input Step Plugin - Info Disclosure
Oct 05, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-1000107 HIGH
Script Security Plugin - Code Injection
Oct 05, 2017
CVSS 8.8
EPSS 0.01
CVE-2017-1000106 HIGH
Blue Ocean < 1.1.5 - Unauthenticated Arbitrary Commit and File Read via SCM Content REST API
Oct 05, 2017
CVSS 8.5
EPSS 0.01
CVE-2017-1000105 MEDIUM
Blue Ocean - Missing Authorization for Archived Artifacts
Oct 05, 2017
CVSS 5.3
EPSS 0.01
CVE-2017-1000104 MEDIUM
Config File Provider Plugin < 2.16.1 - Unauthenticated Sensitive File Access
Oct 05, 2017
CVSS 6.5
EPSS 0.01
CVE-2017-1000103 MEDIUM
Static Analysis Utilities - DRY Plugin - XSS
Oct 05, 2017
CVSS 5.4
EPSS 0.01
CVE-2017-1000102 MEDIUM
Static Analysis Utilities < 1.91 - Stored Cross-Site Scripting in Details View
Oct 05, 2017
CVSS 5.4
EPSS 0.01
CVE-2017-1000096 HIGH
Jenkins Pipeline < 2.36 - Arbitrary Code Execution via Incomplete Sandbox Protection
Oct 05, 2017
CVSS 8.8
EPSS 0.02