jenkins

1,798 tracked vulnerabilities.

CVE-2024-23899 MEDIUM
Jenkins Git Server Plugin < 99.va_0826a_b_cdfa_d - Arbitrary File Read via Command Parser
Jan 24, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-23898 HIGH
Jenkins 2.217-2.441 and LTS 2.222.1-2.426.2 - Cross-Site WebSocket Hijacking via CLI Endpoint
Jan 24, 2024
CVSS 8.8
EPSS 0.67
CVE-2024-23897 CRITICAL KEVNUCLEI
Jenkins cli Ampersand Replacement Arbitrary File Read
Jan 24, 2024
CVSS 9.8
EPSS 1.00
CVE-2023-50779 MEDIUM
Jenkins PaaSLane Estimate Plugin < 1.0.4 - Missing Authorization
Dec 13, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-50778 HIGH
Jenkins PaaSLane Estimate Plugin < 1.0.4 - Cross-Site Request Forgery
Dec 13, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-50777 MEDIUM
Jenkins PaaSLane Estimate Plugin <= 1.0.4 - Cleartext Storage of Sensitive Information
Dec 13, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-50776 MEDIUM
Jenkins PaaSLane Estimate Plugin <= 1.0.4 - Cleartext Storage of Sensitive Information in Job config.xml
Dec 13, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-50775 MEDIUM
Jenkins Deployment Dashboard Plugin < 1.0.10 - Cross-Site Request Forgery
Dec 13, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-50774 HIGH
Jenkins HTMLResource Plugin 1.02 - Cross-Site Request Forgery
Dec 13, 2023
CVSS 8.1
EPSS 0.00
CVE-2023-50773 MEDIUM
Jenkins Dingding JSON Pusher Plugin < 2.0 - Cleartext Storage of Sensitive Information
Dec 13, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-50772 MEDIUM
Jenkins Dingding JSON Pusher Plugin <= 2.0 - Cleartext Storage of Sensitive Information in Job Config
Dec 13, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-50771 MEDIUM
Jenkins OpenId Connect Authentication Plugin < 2.6 - Open Redirect via Login Redirect URL
Dec 13, 2023
CVSS 6.1
EPSS 0.01
CVE-2023-50770 MEDIUM
Jenkins OpenId Connect Authentication Plugin < 2.6 - Insufficiently Protected Credentials
Dec 13, 2023
CVSS 6.7
EPSS 0.00
CVE-2023-50769 MEDIUM
Jenkins Nexus Platform Plugin < 3.18.0-03 - Missing Authorization
Dec 13, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-50768 HIGH
Jenkins Nexus Platform Plugin < 3.18.0-03 - Cross-Site Request Forgery
Dec 13, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-50767 MEDIUM
Jenkins Nexus Platform Plugin < 3.18.0-03 - Server-Side Request Forgery via XML Response Parsing
Dec 13, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-50766 HIGH
Jenkins Nexus Platform Plugin < 3.18.0-03 - Cross-Site Request Forgery
Dec 13, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-50765 MEDIUM
Jenkins Scriptler Plugin < 342.v6a_89fd40f466 - Unauthorized Groovy Script Content Read via Script ID
Dec 13, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-50764 HIGH
Jenkins Scriptler Plugin <342.v6a_89fd40f466 - File Deletion
Dec 13, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-49674 MEDIUM
Jenkins NeuVector Vulnerability Scanner < 1.22 - Missing Authorization
Nov 29, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-49673 HIGH
Jenkins NeuVector Vulnerability Scanner < 2.2 - Cross-Site Request Forgery
Nov 29, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-49656 CRITICAL
Jenkins MATLAB Plugin < 2.11.1 - XML External Entity Injection
Nov 29, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-49655 HIGH
Jenkins MATLAB Plugin < 2.11.1 - Cross-Site Request Forgery
Nov 29, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-49654 CRITICAL
Jenkins MATLAB Plugin < 2.11.1 - Unauthenticated XML File Parsing via Missing Permission Checks
Nov 29, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-49653 MEDIUM
Jenkins Jira Plugin < 3.11 - Insufficiently Protected Credentials
Nov 29, 2023
CVSS 6.5
EPSS 0.01