org.jenkins-ci.plugins

1,035 tracked vulnerabilities.

CVE-2022-36913 MEDIUM
Jenkins Openstack Heat Plugin < 1.5 - Unauthenticated Path Disclosure via Form Validation
Jul 27, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-36912 MEDIUM
Jenkins Openstack Heat Plugin < 1.5 - Server-Side Request Forgery via URL Connection
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36911 MEDIUM
Jenkins Openstack Heat Plugin < 1.5 - Cross-Site Request Forgery
Jul 27, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-36910 MEDIUM
Jenkins Lucene-Search Plugin < 370.v62a5f618cd3a - Missing Authorization in HTTP Endpoints
Jul 27, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-36909 MEDIUM
Jenkins OpenShift Deployer Plugin < 1.2.0 - Missing Authorization
Jul 27, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-36908 MEDIUM
Jenkins OpenShift Deployer Plugin < 1.2.0 - Cross-Site Request Forgery
Jul 27, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-36907 MEDIUM
Jenkins OpenShift Deployer Plugin < 1.2.0 - Missing Authorization
Jul 27, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-36906 MEDIUM
Jenkins OpenShift Deployer Plugin < 1.2.0 - Cross-Site Request Forgery
Jul 27, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-36904 MEDIUM
Jenkins Repository Connector < 2.2.0 - Missing Authorization for File Path Existence Check
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36903 MEDIUM
Jenkins Repository Connector < 2.2.0 - Missing Authorization for Credential ID Enumeration
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36901 MEDIUM
Jenkins HTTP Request Plugin < 1.15 - Insufficiently Protected Credentials
Jul 27, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-36894 MEDIUM
Jenkins CLIF Performance Testing Plugin <64 - File Write
Jul 27, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-36893 MEDIUM
Jenkins rpmsign-plugin < 0.5.0 - Missing Authorization in Form Validation
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36892 MEDIUM
Jenkins rhnpush-plugin < 0.5.1 - Missing Authorization in Form Validation
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36891 MEDIUM
Jenkins Deployer Framework Plugin < 85.v1d1888e8c021 - Missing Authorization for Deployment Logs
Jul 27, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-36890 MEDIUM
Jenkins Deployer Framework Plugin < 85.v1d1888e8c021 - Path Traversal via Form Validation
Jul 27, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-36889 HIGH
Jenkins Deployer Framework Plugin < 85.v1d1888e8c021 - Arbitrary File Upload via Application Path Configuration
Jul 27, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-36887 MEDIUM
Jenkins Job Configuration History Plugin < 1155.v28a_46a_cc06a_5 - Cross-Site Request Forgery
Jul 27, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-36886 MEDIUM
Jenkins External Monitor Job Type Plugin < 191.v363d0d1efdf8 - Cross-Site Request Forgery
Jul 27, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-36884 MEDIUM
Jenkins Git Plugin < 4.11.3 - Unauthenticated Information Disclosure via Webhook Endpoint
Jul 27, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-36883 HIGH NUCLEI
Jenkins Git Plugin < 4.11.3 - Unauthenticated Build Trigger and Arbitrary Repository Checkout
Jul 27, 2022
CVSS 7.5
EPSS 0.06
CVE-2022-36882 HIGH
Jenkins Git Plugin < 4.11.3 - Cross-Site Request Forgery
Jul 27, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-36881 HIGH
Jenkins Git client Plugin <= 3.11.0 - SSH Host Key Verification Bypass
Jul 27, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-34816 MEDIUM
Jenkins HPE Network Virtualization Plugin 1.0 - Insufficiently Protected Credentials
Jun 30, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-34815 MEDIUM
Jenkins Request Rename Or Delete Plugin < 1.1.0 - Cross-Site Request Forgery
Jun 30, 2022
CVSS 4.3
EPSS 0.00