jenkins
1,798 tracked vulnerabilities.
CVE-2025-24399
HIGH
Jenkins Openid Connect Authentication - Incorrect Default Permissions
Jan 22, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-24398
HIGH
Jenkins Bitbucket Server Integration Plugin 2.1.0-4.1.3 - Cross-Site Request Forgery Protection Bypass
Jan 22, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-24397
MEDIUM
Jenkins GitLab Plugin < 1.9.6 - Incorrect Authorization via Global Item/Configure Permission
Jan 22, 2025
CVSS 4.3
EPSS 0.00
CVE-2024-9453
MEDIUM
Jenkins - Sensitive Information Exposure via Unobfuscated Bearer Token in Logs
Jul 04, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-54004
MEDIUM
Jenkins Filesystem List Parameter Plugin <0.0.14 - Info Disclosure
Nov 27, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-54003
HIGH
Jenkins Simple Queue Plugin <1.4.4 - XSS
Nov 27, 2024
CVSS 8.0
EPSS 0.80
CVE-2024-52554
HIGH
Jenkins Shared Library Version Override Plugin < 17.v786074c9fce7 - Missing Authorization
Nov 13, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-52553
HIGH
Jenkins OpenId Connect Authentication Plugin < 4.421.v5422614eb_e0a - Insufficient Session Expiration
Nov 13, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-52552
HIGH
Jenkins Authorize Project Plugin < 1.7.2 - Stored Cross-Site Scripting via Job Name Evaluation
Nov 13, 2024
CVSS 8.0
EPSS 0.01
CVE-2024-52551
HIGH
Jenkins Pipeline < 2.2214.vb_b_34b_2ea_9b_83 - Unapproved Script Execution via Build Restart
Nov 13, 2024
CVSS 8.0
EPSS 0.01
CVE-2024-52550
HIGH
Jenkins Pipeline: Groovy Plugin <3990.vd281dd77a_388 - Improper Input Validation
Nov 13, 2024
CVSS 8.0
EPSS 0.00
CVE-2024-52549
MEDIUM
Jenkins Script Security Plugin - Missing Authorization for File Existence Check
Nov 13, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-47807
HIGH
Jenkins OpenId Connect Authentication Plugin <4.354.321ce67a-1de8 -...
Oct 02, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-47806
HIGH
Jenkins OpenId Connect Authentication Plugin <4.354.v321ce67a_1de8 ...
Oct 02, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-47805
HIGH
Jenkins Credentials Plugin <1380.va - Info Disclosure
Oct 02, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-47804
MEDIUM
Jenkins < 2.462.3 and < 2.479 - Unauthenticated Item Creation Restriction Bypass via CLI or REST API
Oct 02, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-47803
MEDIUM
Jenkins < 2.462.3 and < 2.479 - Sensitive Information Exposure in Error Messages
Oct 02, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-43045
MEDIUM
Jenkins <2.470-<2.452.3 - Info Disclosure
Aug 07, 2024
CVSS 6.3
EPSS 0.04
CVE-2024-43044
HIGH
Jenkins < 2.452.4 and < 2.471 - Arbitrary File Read via ClassLoaderProxy#fetchJar
Aug 07, 2024
CVSS 8.8
EPSS 0.29
CVE-2024-39460
MEDIUM
Jenkins Bitbucket Branch Source Plugin <= 886.v44cf5e4ecec5 - Sensitive Information Exposure in Build Log
Jun 26, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-39459
MEDIUM
Jenkins Plain Credentials Plugin <182.v468b_97b_9dcb_8 - Info Discl...
Jun 26, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-39458
LOW
Jenkins Structs < 337.v1b_04ea_4df7c8 - Sensitive Information Exposure in Build Step Error Logs
Jun 26, 2024
CVSS 3.1
EPSS 0.00
CVE-2024-5273
MEDIUM
Jenkins Report Info Plugin < 1.2 - Path Traversal via Workspace Directory
May 24, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-34148
MEDIUM
Jenkins Subversion Partial Release Manager Plugin <1.0.1 - RCE
May 02, 2024
CVSS 6.8
EPSS 0.01
CVE-2024-34147
MEDIUM
Jenkins Telegram Bot Plugin <1.4.0 - Info Disclosure
May 02, 2024
CVSS 4.3
EPSS 0.01
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters