org.jenkins-ci.plugins

1,035 tracked vulnerabilities.

CVE-2022-29048 MEDIUM
Jenkins Subversion Plugin <2.15.3 - CSRF
Apr 12, 2022
CVSS 4.3
EPSS 0.02
CVE-2022-29046 MEDIUM
Jenkins Subversion Plugin <2.15.3 - XSS
Apr 12, 2022
CVSS 5.4
EPSS 0.02
CVE-2022-29045 MEDIUM
Jenkins promoted builds Plugin <873.v6149db_d64130 - XSS
Apr 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-29044 MEDIUM
Jenkins Node and Label parameter Plugin <1.10.3 - XSS
Apr 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-29043 MEDIUM
Jenkins Mask Passwords Plugin <3.0 - XSS
Apr 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-29042 MEDIUM
Jenkins Job Generator Plugin <1.22 - XSS
Apr 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-29041 MEDIUM
Jenkins Jira Plugin <=3.7 (excluding 3.6.1) - Stored Cross-Site Scripting in Jira Issue and Release Version Parameters
Apr 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-29038 MEDIUM
Jenkins Extended Choice Parameter Plugin <346.vd87693c5a_86c - XSS
Apr 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-29037 MEDIUM
Jenkins CVS Plugin < 2.19 - Stored Cross-Site Scripting in Symbolic Name Parameters
Apr 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-29036 MEDIUM
Jenkins Credentials Plugin <1111.v35a_307992395 - XSS
Apr 12, 2022
CVSS 5.4
EPSS 0.79
CVE-2022-28160 MEDIUM
Jenkins Tests Selector Plugin < 1.3.3 - Arbitrary File Read via Item/Configure Permission
Mar 29, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-28159 MEDIUM
Jenkins Tests Selector Plugin < 1.3.3 - Stored Cross-Site Scripting via Properties File Path Option
Mar 29, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-28154 HIGH
Jenkins Coverage/Complexity Scatter Plot Plugin < 1.1.1 - XML External Entity Injection
Mar 29, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-28148 MEDIUM
Jenkins Continuous Integration with Toad Edge Plugin < 2.3 - Path Traversal via File Browser
Mar 29, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-28147 MEDIUM
Jenkins Continuous Integration with Toad Edge Plugin < 2.3 - Missing Authorization for File Path Existence Check
Mar 29, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-28146 MEDIUM
Jenkins Continuous Integration with Toad Edge Plugin < 2.3 - Arbitrary File Read via Input Folder Parameter
Mar 29, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-28145 MEDIUM
Jenkins Continuous Integration with Toad Edge Plugin < 2.3 - Stored Cross-Site Scripting via Report Files
Mar 29, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-28144 MEDIUM
Jenkins Proxmox Plugin < 0.7.0 - Missing Authorization in HTTP Endpoints
Mar 29, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-28143 MEDIUM
Jenkins Proxmox Plugin < 0.7.0 - Cross-Site Request Forgery
Mar 29, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-28142 HIGH
Jenkins Proxmox Plugin < 0.6.0 - SSL/TLS Certificate Validation Disabled
Mar 29, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-28141 MEDIUM
Jenkins Proxmox Plugin < 0.5.0 - Insufficiently Protected Credentials
Mar 29, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-28140 HIGH
Jenkins Flaky Test Handler Plugin < 1.2.1 - XML External Entity Injection
Mar 29, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-28139 MEDIUM
Jenkins RocketChat Notifier Plugin < 1.4.0 - Missing Authorization
Mar 29, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-28138 MEDIUM
Jenkins RocketChat Notifier Plugin < 1.4.10 - Cross-Site Request Forgery
Mar 29, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-28137 MEDIUM
Jenkins JiraTestResultReporter < 165.v817928553942 - Missing Authorization for URL Connection
Mar 29, 2022
CVSS 4.3
EPSS 0.01