jenkins

1,798 tracked vulnerabilities.

CVE-2025-24399 HIGH
Jenkins Openid Connect Authentication - Incorrect Default Permissions
Jan 22, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-24398 HIGH
Jenkins Bitbucket Server Integration Plugin 2.1.0-4.1.3 - Cross-Site Request Forgery Protection Bypass
Jan 22, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-24397 MEDIUM
Jenkins GitLab Plugin < 1.9.6 - Incorrect Authorization via Global Item/Configure Permission
Jan 22, 2025
CVSS 4.3
EPSS 0.00
CVE-2024-9453 MEDIUM
Jenkins - Sensitive Information Exposure via Unobfuscated Bearer Token in Logs
Jul 04, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-54004 MEDIUM
Jenkins Filesystem List Parameter Plugin <0.0.14 - Info Disclosure
Nov 27, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-54003 HIGH
Jenkins Simple Queue Plugin <1.4.4 - XSS
Nov 27, 2024
CVSS 8.0
EPSS 0.80
CVE-2024-52554 HIGH
Jenkins Shared Library Version Override Plugin < 17.v786074c9fce7 - Missing Authorization
Nov 13, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-52553 HIGH
Jenkins OpenId Connect Authentication Plugin < 4.421.v5422614eb_e0a - Insufficient Session Expiration
Nov 13, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-52552 HIGH
Jenkins Authorize Project Plugin < 1.7.2 - Stored Cross-Site Scripting via Job Name Evaluation
Nov 13, 2024
CVSS 8.0
EPSS 0.01
CVE-2024-52551 HIGH
Jenkins Pipeline < 2.2214.vb_b_34b_2ea_9b_83 - Unapproved Script Execution via Build Restart
Nov 13, 2024
CVSS 8.0
EPSS 0.01
CVE-2024-52550 HIGH
Jenkins Pipeline: Groovy Plugin <3990.vd281dd77a_388 - Improper Input Validation
Nov 13, 2024
CVSS 8.0
EPSS 0.00
CVE-2024-52549 MEDIUM
Jenkins Script Security Plugin - Missing Authorization for File Existence Check
Nov 13, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-47807 HIGH
Jenkins OpenId Connect Authentication Plugin <4.354.321ce67a-1de8 -...
Oct 02, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-47806 HIGH
Jenkins OpenId Connect Authentication Plugin <4.354.v321ce67a_1de8 ...
Oct 02, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-47805 HIGH
Jenkins Credentials Plugin <1380.va - Info Disclosure
Oct 02, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-47804 MEDIUM
Jenkins < 2.462.3 and < 2.479 - Unauthenticated Item Creation Restriction Bypass via CLI or REST API
Oct 02, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-47803 MEDIUM
Jenkins < 2.462.3 and < 2.479 - Sensitive Information Exposure in Error Messages
Oct 02, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-43045 MEDIUM
Jenkins <2.470-<2.452.3 - Info Disclosure
Aug 07, 2024
CVSS 6.3
EPSS 0.04
CVE-2024-43044 HIGH
Jenkins < 2.452.4 and < 2.471 - Arbitrary File Read via ClassLoaderProxy#fetchJar
Aug 07, 2024
CVSS 8.8
EPSS 0.29
CVE-2024-39460 MEDIUM
Jenkins Bitbucket Branch Source Plugin <= 886.v44cf5e4ecec5 - Sensitive Information Exposure in Build Log
Jun 26, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-39459 MEDIUM
Jenkins Plain Credentials Plugin <182.v468b_97b_9dcb_8 - Info Discl...
Jun 26, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-39458 LOW
Jenkins Structs < 337.v1b_04ea_4df7c8 - Sensitive Information Exposure in Build Step Error Logs
Jun 26, 2024
CVSS 3.1
EPSS 0.00
CVE-2024-5273 MEDIUM
Jenkins Report Info Plugin < 1.2 - Path Traversal via Workspace Directory
May 24, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-34148 MEDIUM
Jenkins Subversion Partial Release Manager Plugin <1.0.1 - RCE
May 02, 2024
CVSS 6.8
EPSS 0.01
CVE-2024-34147 MEDIUM
Jenkins Telegram Bot Plugin <1.4.0 - Info Disclosure
May 02, 2024
CVSS 4.3
EPSS 0.01