jenkins
1,798 tracked vulnerabilities.
CVE-2016-3721
MEDIUM
Jenkins <2.3, <1.651.2 - Command Injection
May 17, 2016
CVSS 4.3
EPSS 0.02
CVE-2016-0792
HIGH
Jenkins XStream Groovy classpath Deserialization Vulnerability
Apr 07, 2016
CVSS 8.8
EPSS 0.83
CVE-2016-0791
CRITICAL
Jenkins <1.650-1.642.2 - CSRF Bypass
Apr 07, 2016
CVSS 9.8
EPSS 0.03
CVE-2016-0790
MEDIUM
Jenkins <1.650-1.642.2 - Info Disclosure
Apr 07, 2016
CVSS 5.3
EPSS 0.02
CVE-2016-0789
MEDIUM
Jenkins <1.650-1.642.2 - CRLF Injection
Apr 07, 2016
CVSS 6.1
EPSS 0.02
CVE-2016-0788
CRITICAL
Jenkins < 1.650 - Remote Code Execution via JRMP Listener
Apr 07, 2016
CVSS 9.8
EPSS 0.12
CVE-2015-5298
MEDIUM
Google Login Plugin <1.2 - Auth Bypass
Jul 07, 2022
CVSS 6.5
EPSS 0.01
CVE-2015-1811
HIGH
CloudBees Jenkins < 1.596.1 and < 1.600 - XML External Entity Injection
Jan 15, 2020
CVSS 7.5
EPSS 0.01
CVE-2015-1809
HIGH
CloudBees Jenkins < 1.600 and LTS < 1.596.1 - XML External Entity Injection via XPath Query
Jan 15, 2020
CVSS 7.5
EPSS 0.01
CVE-2015-7539
HIGH
Jenkins < 1.640 and LTS < 1.625.2 - Unauthenticated Arbitrary Code Execution via Plugin Checksum Bypass
Feb 03, 2016
CVSS 7.5
EPSS 0.01
CVE-2015-7538
HIGH
Jenkins <1.640-1.625.2 - CSRF Bypass
Feb 03, 2016
CVSS 8.8
EPSS 0.02
CVE-2015-7537
HIGH
Jenkins <1.640-1.625.2 - CSRF
Feb 03, 2016
CVSS 8.8
EPSS 0.02
CVE-2015-7536
MEDIUM
Jenkins < 1.640 and LTS < 1.625.2 - Authenticated Cross-Site Scripting via Workspace and Archived Artifacts
Feb 03, 2016
CVSS 5.4
EPSS 0.01
CVE-2015-8103
CRITICAL
Jenkins CLI RMI Java Deserialization Vulnerability
Nov 25, 2015
CVSS 9.8
EPSS 0.87
CVE-2015-5326
Jenkins < 1.638 and LTS < 1.625.2 - Authenticated Cross-Site Scripting via Slave Offline Status Message
Nov 25, 2015
EPSS 0.02
CVE-2015-5325
Jenkins <1.638, <1.625.2 - Auth Bypass
Nov 25, 2015
EPSS 0.02
CVE-2015-5324
Jenkins <1.638-1.625.2 - Info Disclosure
Nov 25, 2015
EPSS 0.02
CVE-2015-5323
Jenkins <1.638-1.625.2 - Privilege Escalation
Nov 25, 2015
EPSS 0.01
CVE-2015-5322
Jenkins <1.638-1.625.2 - Path Traversal
Nov 25, 2015
EPSS 0.03
CVE-2015-5321
Jenkins <1.638, <1.625.2 - Info Disclosure
Nov 25, 2015
EPSS 0.02
CVE-2015-5320
Jenkins <1.638-1.625.2 - Info Disclosure
Nov 25, 2015
EPSS 0.02
CVE-2015-5319
OpenShift < 3.1 - XML External Entity Injection via create-job CLI Command
Nov 25, 2015
EPSS 0.02
CVE-2015-5318
Jenkins <1.638-1.625.2 - CSRF Bypass
Nov 25, 2015
EPSS 0.01
CVE-2015-5317
HIGH
KEV
Jenkins <1.638-1.625.2 - Info Disclosure
Nov 25, 2015
CVSS 7.5
EPSS 0.22
CVE-2015-1814
Jenkins < 1.606 and LTS < 1.596.2 - Unauthenticated Privilege Escalation via Forced API Token Change
Oct 16, 2015
EPSS 0.02
Products
jenkins 267
pipeline\ 40
script_security 35
active_directory 12
blue_ocean 11
email_extension 11
git 11
build_failure_analyzer 9
config_file_provider 9
configuration_as_code 9
credentials_binding 8
github_branch_source 8
ns-nd_integration_performance_publisher 8
html_publisher 7
job_configuration_history 7
kubernetes 7
openid_connect_authentication 7
openshift_deployer 7
rundeck 7
subversion 7
amazon_ec2 6
azure_ad 6
azure_vm_agents 6
deployment_dashboard 6
electricflow 6
gerrit_trigger 6
git_client 6
git_parameter 6
github 6
github_pull_request_builder 6
Quick Filters