org.jenkins-ci.plugins

1,035 tracked vulnerabilities.

CVE-2023-24438 MEDIUM
Jenkins JIRA Pipeline Steps Plugin <2.0.165.v8846cf59f3db - SSRF
Jan 26, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-24437 HIGH
Jenkins JIRA Pipeline Steps Plugin <2.0.165.v8846cf59f3db - CSRF
Jan 26, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-24436 MEDIUM
Jenkins GitHub Pull Request Builder Plugin <1.42.2 - Info Disclosure
Jan 26, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-24435 MEDIUM
Jenkins GitHub Pull Request Builder Plugin <1.42.2 - SSRF
Jan 26, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-24434 HIGH
Jenkins GitHub Pull Request Builder Plugin <1.42.2 - CSRF
Jan 26, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-24430 CRITICAL
Jenkins Semantic Versioning Plugin <1.14 - XXE
Jan 26, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-24429 CRITICAL
Jenkins Semantic Versioning Plugin <1.14 - SSRF
Jan 26, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-24428 MEDIUM
Jenkins Bitbucket OAuth Plugin <0.12 - CSRF
Jan 26, 2023
CVSS 5.7
EPSS 0.00
CVE-2023-24427 CRITICAL
Jenkins Bitbucket OAuth Plugin <0.12 - Auth Bypass
Jan 26, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-24426 HIGH
Jenkins Azure AD Plugin <303.va_91ef20ee49f - Auth Bypass
Jan 26, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-24424 HIGH
Jenkins OpenId Connect Authentication Plugin <2.4 - Auth Bypass
Jan 26, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-24422 HIGH
Jenkins Script Security Plugin <1228.vd93135a_2fb_25 - Sandbox Bypass via Map Constructors
Jan 26, 2023
CVSS 8.8
EPSS 0.01
CVE-2022-46688 MEDIUM
Jenkins Sonar Gerrit Plugin <377.v8f3808963dc5 - CSRF
Dec 12, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-46685 MEDIUM
Jenkins Gitea Plugin <1.4.4 - Info Disclosure
Dec 12, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-46683 MEDIUM
Jenkins Google Login Plugin <1.7 - Open Redirect
Dec 12, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-46682 CRITICAL
Jenkins Plot Plugin < 2.1.12 - XML External Entity Injection
Dec 12, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-45394 MEDIUM
Jenkins Delete log Plugin < 1.0 - Missing Authorization for Build Log Deletion
Nov 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-45393 LOW
Jenkins Delete log Plugin < 1.0 - Cross-Site Request Forgery
Nov 15, 2022
CVSS 3.5
EPSS 0.00
CVE-2022-45387 MEDIUM
Jenkins BART Plugin < 1.0.3 - Stored Cross-Site Scripting in Build Log Renderer
Nov 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-45386 MEDIUM
Jenkins Violations Plugin < 0.7.11 - XML External Entity Injection
Nov 15, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-45385 HIGH
Jenkins CloudBees Docker Hub/Registry Notification Plugin < 2.6.2.1 - Unauthenticated Build Trigger
Nov 15, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-45383 MEDIUM
Jenkins Support Core Plugin < 1206.1208.v9b_7a_1d48db_0f - Incorrect Authorization
Nov 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-45382 MEDIUM
Jenkins Naginator Plugin < 1.18.2 - Stored Cross-Site Scripting via Build Display Name
Nov 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-45381 HIGH
Jenkins Pipeline Utility Steps < 2.13.2 - Arbitrary File Read via Apache Commons Configuration Interpolator
Nov 15, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-45380 MEDIUM
Jenkins JUnit Plugin < 1160.vf1f01a_a_ea_b_7f - Stored Cross-Site Scripting via Test Report URL Conversion
Nov 15, 2022
CVSS 5.4
EPSS 0.01