jenkins

1,798 tracked vulnerabilities.

CVE-2016-3721 MEDIUM
Jenkins <2.3, <1.651.2 - Command Injection
May 17, 2016
CVSS 4.3
EPSS 0.02
CVE-2016-0792 HIGH
Jenkins XStream Groovy classpath Deserialization Vulnerability
Apr 07, 2016
CVSS 8.8
EPSS 0.83
CVE-2016-0791 CRITICAL
Jenkins <1.650-1.642.2 - CSRF Bypass
Apr 07, 2016
CVSS 9.8
EPSS 0.03
CVE-2016-0790 MEDIUM
Jenkins <1.650-1.642.2 - Info Disclosure
Apr 07, 2016
CVSS 5.3
EPSS 0.02
CVE-2016-0789 MEDIUM
Jenkins <1.650-1.642.2 - CRLF Injection
Apr 07, 2016
CVSS 6.1
EPSS 0.02
CVE-2016-0788 CRITICAL
Jenkins < 1.650 - Remote Code Execution via JRMP Listener
Apr 07, 2016
CVSS 9.8
EPSS 0.12
CVE-2015-5298 MEDIUM
Google Login Plugin <1.2 - Auth Bypass
Jul 07, 2022
CVSS 6.5
EPSS 0.01
CVE-2015-1811 HIGH
CloudBees Jenkins < 1.596.1 and < 1.600 - XML External Entity Injection
Jan 15, 2020
CVSS 7.5
EPSS 0.01
CVE-2015-1809 HIGH
CloudBees Jenkins < 1.600 and LTS < 1.596.1 - XML External Entity Injection via XPath Query
Jan 15, 2020
CVSS 7.5
EPSS 0.01
CVE-2015-7539 HIGH
Jenkins < 1.640 and LTS < 1.625.2 - Unauthenticated Arbitrary Code Execution via Plugin Checksum Bypass
Feb 03, 2016
CVSS 7.5
EPSS 0.01
CVE-2015-7538 HIGH
Jenkins <1.640-1.625.2 - CSRF Bypass
Feb 03, 2016
CVSS 8.8
EPSS 0.02
CVE-2015-7537 HIGH
Jenkins <1.640-1.625.2 - CSRF
Feb 03, 2016
CVSS 8.8
EPSS 0.02
CVE-2015-7536 MEDIUM
Jenkins < 1.640 and LTS < 1.625.2 - Authenticated Cross-Site Scripting via Workspace and Archived Artifacts
Feb 03, 2016
CVSS 5.4
EPSS 0.01
CVE-2015-8103 CRITICAL
Jenkins CLI RMI Java Deserialization Vulnerability
Nov 25, 2015
CVSS 9.8
EPSS 0.87
CVE-2015-5326
Jenkins < 1.638 and LTS < 1.625.2 - Authenticated Cross-Site Scripting via Slave Offline Status Message
Nov 25, 2015
EPSS 0.02
CVE-2015-5325
Jenkins <1.638, <1.625.2 - Auth Bypass
Nov 25, 2015
EPSS 0.02
CVE-2015-5324
Jenkins <1.638-1.625.2 - Info Disclosure
Nov 25, 2015
EPSS 0.02
CVE-2015-5323
Jenkins <1.638-1.625.2 - Privilege Escalation
Nov 25, 2015
EPSS 0.01
CVE-2015-5322
Jenkins <1.638-1.625.2 - Path Traversal
Nov 25, 2015
EPSS 0.03
CVE-2015-5321
Jenkins <1.638, <1.625.2 - Info Disclosure
Nov 25, 2015
EPSS 0.02
CVE-2015-5320
Jenkins <1.638-1.625.2 - Info Disclosure
Nov 25, 2015
EPSS 0.02
CVE-2015-5319
OpenShift < 3.1 - XML External Entity Injection via create-job CLI Command
Nov 25, 2015
EPSS 0.02
CVE-2015-5318
Jenkins <1.638-1.625.2 - CSRF Bypass
Nov 25, 2015
EPSS 0.01
CVE-2015-5317 HIGH KEV
Jenkins <1.638-1.625.2 - Info Disclosure
Nov 25, 2015
CVSS 7.5
EPSS 0.22
CVE-2015-1814
Jenkins < 1.606 and LTS < 1.596.2 - Unauthenticated Privilege Escalation via Forced API Token Change
Oct 16, 2015
EPSS 0.02