org.jenkins-ci.plugins
1,035 tracked vulnerabilities.
CVE-2022-29048
MEDIUM
Jenkins Subversion Plugin <2.15.3 - CSRF
Apr 12, 2022
CVSS 4.3
EPSS 0.02
CVE-2022-29046
MEDIUM
Jenkins Subversion Plugin <2.15.3 - XSS
Apr 12, 2022
CVSS 5.4
EPSS 0.02
CVE-2022-29045
MEDIUM
Jenkins promoted builds Plugin <873.v6149db_d64130 - XSS
Apr 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-29044
MEDIUM
Jenkins Node and Label parameter Plugin <1.10.3 - XSS
Apr 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-29043
MEDIUM
Jenkins Mask Passwords Plugin <3.0 - XSS
Apr 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-29042
MEDIUM
Jenkins Job Generator Plugin <1.22 - XSS
Apr 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-29041
MEDIUM
Jenkins Jira Plugin <=3.7 (excluding 3.6.1) - Stored Cross-Site Scripting in Jira Issue and Release Version Parameters
Apr 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-29038
MEDIUM
Jenkins Extended Choice Parameter Plugin <346.vd87693c5a_86c - XSS
Apr 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-29037
MEDIUM
Jenkins CVS Plugin < 2.19 - Stored Cross-Site Scripting in Symbolic Name Parameters
Apr 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-29036
MEDIUM
Jenkins Credentials Plugin <1111.v35a_307992395 - XSS
Apr 12, 2022
CVSS 5.4
EPSS 0.79
CVE-2022-28160
MEDIUM
Jenkins Tests Selector Plugin < 1.3.3 - Arbitrary File Read via Item/Configure Permission
Mar 29, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-28159
MEDIUM
Jenkins Tests Selector Plugin < 1.3.3 - Stored Cross-Site Scripting via Properties File Path Option
Mar 29, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-28154
HIGH
Jenkins Coverage/Complexity Scatter Plot Plugin < 1.1.1 - XML External Entity Injection
Mar 29, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-28148
MEDIUM
Jenkins Continuous Integration with Toad Edge Plugin < 2.3 - Path Traversal via File Browser
Mar 29, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-28147
MEDIUM
Jenkins Continuous Integration with Toad Edge Plugin < 2.3 - Missing Authorization for File Path Existence Check
Mar 29, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-28146
MEDIUM
Jenkins Continuous Integration with Toad Edge Plugin < 2.3 - Arbitrary File Read via Input Folder Parameter
Mar 29, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-28145
MEDIUM
Jenkins Continuous Integration with Toad Edge Plugin < 2.3 - Stored Cross-Site Scripting via Report Files
Mar 29, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-28144
MEDIUM
Jenkins Proxmox Plugin < 0.7.0 - Missing Authorization in HTTP Endpoints
Mar 29, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-28143
MEDIUM
Jenkins Proxmox Plugin < 0.7.0 - Cross-Site Request Forgery
Mar 29, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-28142
HIGH
Jenkins Proxmox Plugin < 0.6.0 - SSL/TLS Certificate Validation Disabled
Mar 29, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-28141
MEDIUM
Jenkins Proxmox Plugin < 0.5.0 - Insufficiently Protected Credentials
Mar 29, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-28140
HIGH
Jenkins Flaky Test Handler Plugin < 1.2.1 - XML External Entity Injection
Mar 29, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-28139
MEDIUM
Jenkins RocketChat Notifier Plugin < 1.4.0 - Missing Authorization
Mar 29, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-28138
MEDIUM
Jenkins RocketChat Notifier Plugin < 1.4.10 - Cross-Site Request Forgery
Mar 29, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-28137
MEDIUM
Jenkins JiraTestResultReporter < 165.v817928553942 - Missing Authorization for URL Connection
Mar 29, 2022
CVSS 4.3
EPSS 0.01
Products
script-security 35
git 13
email-ext 12
active-directory 11
config-file-provider 9
electricflow 9
credentials-binding 8
ec2 8
oic-auth 8
subversion 8
artifactory 7
htmlpublisher 7
jobConfigHistory 7
mercurial 7
openshift-deployer 7
rundeck 7
azure-ad 6
azure-vm-agents 6
ec2-deployment-dashboard 6
fortify-on-demand-uploader 6
ghprb 6
gitlab-oauth 6
gitlab-plugin 6
pipeline-maven 6
repository-connector 6
aws-codecommit-trigger 5
codedx 5
credentials 5
delphix 5
extended-choice-parameter 5
Quick Filters