jenkins
1,798 tracked vulnerabilities.
CVE-2017-1000389
MEDIUM
Jenkins global-build-stats <1.4 - CSRF/XSS
Jan 26, 2018
CVSS 6.1
EPSS 0.01
CVE-2017-1000388
MEDIUM
Jenkins Dependency Graph Viewer <0.12 - Privilege Escalation
Jan 26, 2018
CVSS 4.3
EPSS 0.01
CVE-2017-1000387
HIGH
Jenkins Build-Publisher <1.21 - Info Disclosure
Jan 26, 2018
CVSS 7.8
EPSS 0.00
CVE-2017-1000386
MEDIUM
Jenkins Active Choices <1.5.3 - XSS
Jan 26, 2018
CVSS 5.4
EPSS 0.01
CVE-2017-1000505
MEDIUM
Jenkins Script Security Plugin <1.36 - Info Disclosure
Jan 25, 2018
CVSS 6.5
EPSS 0.01
CVE-2017-1000504
HIGH
Jenkins < 2.89.1, < 2.94, >=2.81 <2.89.2 - Cross-Site Request Forgery via Race Condition During Startup
Jan 24, 2018
CVSS 8.1
EPSS 0.01
CVE-2017-1000503
HIGH
Jenkins 2.81-2.94 and 2.89.1 - Race Condition during Initialization
Jan 24, 2018
CVSS 8.1
EPSS 0.01
CVE-2017-1000502
HIGH
Jenkins EC2 < 1.37 - Authenticated OS Command Injection via Agent Configuration
Jan 24, 2018
CVSS 8.8
EPSS 0.02
CVE-2017-17383
MEDIUM
Jenkins < 2.94 - Authenticated Cross-Site Scripting via Job Configuration Tool Name
Dec 06, 2017
CVSS 4.7
EPSS 0.01
CVE-2017-1000245
CRITICAL
Jenkins SSH Plugin < 2.4 - Insufficiently Protected Credentials
Nov 01, 2017
CVSS 9.8
EPSS 0.01
CVE-2017-1000244
HIGH
Jenkins Favorite Plugin <2.2.0 - CSRF
Nov 01, 2017
CVSS 8.8
EPSS 0.01
CVE-2017-1000243
MEDIUM
Jenkins Favorite Plugin <2.1.4 - Privilege Escalation
Nov 01, 2017
CVSS 4.3
EPSS 0.01
CVE-2017-1000242
LOW
Jenkins Git Client Plugin <2.4.2 - Info Disclosure
Nov 01, 2017
CVSS 3.3
EPSS 0.00
CVE-2017-1000114
LOW
Datadog Plugin < 0.5.6 and 0.6.0-0.6.1 - API Key Exposure via Plaintext Transmission in Configuration Form
Oct 05, 2017
CVSS 3.1
EPSS 0.01
CVE-2017-1000113
MEDIUM
Deploy to Container Plugin - Info Disclosure
Oct 05, 2017
CVSS 5.5
EPSS 0.00
CVE-2017-1000110
MEDIUM
Blue Ocean < 1.1.5 - Improper Authentication in GitHub Organization Folder Configuration
Oct 05, 2017
CVSS 4.3
EPSS 0.01
CVE-2017-1000109
MEDIUM
OWASP Dependency-Check Plugin - XSS
Oct 05, 2017
CVSS 6.1
EPSS 0.01
CVE-2017-1000108
HIGH
Pipeline: Input Step Plugin - Info Disclosure
Oct 05, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-1000107
HIGH
Script Security Plugin - Code Injection
Oct 05, 2017
CVSS 8.8
EPSS 0.01
CVE-2017-1000106
HIGH
Blue Ocean < 1.1.5 - Unauthenticated Arbitrary Commit and File Read via SCM Content REST API
Oct 05, 2017
CVSS 8.5
EPSS 0.01
CVE-2017-1000105
MEDIUM
Blue Ocean - Missing Authorization for Archived Artifacts
Oct 05, 2017
CVSS 5.3
EPSS 0.01
CVE-2017-1000104
MEDIUM
Config File Provider Plugin < 2.16.1 - Unauthenticated Sensitive File Access
Oct 05, 2017
CVSS 6.5
EPSS 0.01
CVE-2017-1000103
MEDIUM
Static Analysis Utilities - DRY Plugin - XSS
Oct 05, 2017
CVSS 5.4
EPSS 0.01
CVE-2017-1000102
MEDIUM
Static Analysis Utilities < 1.91 - Stored Cross-Site Scripting in Details View
Oct 05, 2017
CVSS 5.4
EPSS 0.01
CVE-2017-1000096
HIGH
Jenkins Pipeline < 2.36 - Arbitrary Code Execution via Incomplete Sandbox Protection
Oct 05, 2017
CVSS 8.8
EPSS 0.02
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters