org.jenkins-ci.plugins

1,035 tracked vulnerabilities.

CVE-2022-28136 HIGH
Jenkins JiraTestResultReporter < 165.v817928553942 - Cross-Site Request Forgery
Mar 29, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-27216 MEDIUM
Jenkins dbCharts Plugin <= 0.5.2 - Insufficiently Protected Credentials
Mar 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27215 MEDIUM
Jenkins Release Helper Plugin < 1.3.3 - Server-Side Request Forgery via Missing Permission Check
Mar 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-27214 MEDIUM
Jenkins Release Helper Plugin < 1.3.3 - Cross-Site Request Forgery
Mar 15, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-27212 MEDIUM
Jenkins List Git Branches Parameter Plugin <= 0.0.9 - Stored Cross-Site Scripting in Parameter Name
Mar 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-27211 MEDIUM
Jenkins Kubernetes Continuous Deploy Plugin < 2.3.1 - Missing Authorization for SSH Credential Capture
Mar 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27210 MEDIUM
Jenkins Kubernetes Continuous Deploy Plugin < 2.3.1 - Cross-Site Request Forgery
Mar 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27209 MEDIUM
Jenkins Kubernetes Continuous Deploy Plugin < 2.3.1 - Missing Authorization for Credential ID Enumeration
Mar 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27208 MEDIUM
Jenkins Kubernetes Continuous Deploy Plugin <= 2.3.1 - Arbitrary File Read via Credentials/Create Permission
Mar 15, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-27207 MEDIUM
Jenkins global-build-stats < 1.5 - Stored Cross-Site Scripting in Chart Configuration
Mar 15, 2022
CVSS 4.8
EPSS 0.01
CVE-2022-27206 MEDIUM
Jenkins GitLab Authentication Plugin <= 1.13 - Insufficiently Protected Credentials
Mar 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27205 MEDIUM
Jenkins Extended Choice Parameter Plugin < 346.vd87693c5a_86c - Server-Side Request Forgery via URL Connection
Mar 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-27204 HIGH
Jenkins Extended Choice Parameter < 346.vd87693c5a_86c - Cross-Site Request Forgery
Mar 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-27203 MEDIUM
Jenkins Extended Choice Parameter Plugin < 346.vd87693c5a_86c - Path Traversal and Arbitrary File Read
Mar 15, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-27202 MEDIUM
Jenkins Extended Choice Parameter Plugin < 346.vd87693c5a_86c - Stored XSS
Mar 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-27201 MEDIUM
Jenkins Semantic Versioning Plugin < 1.13 - XML External Entity Injection via Crafted File Parsing
Mar 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27199 MEDIUM
Jenkins CloudBees AWS Credentials Plugin < 191.vcb_f183ce58b_9 - Missing Authorization
Mar 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-27198 HIGH
Jenkins CloudBees AWS Credentials Plugin < 189.v3551d5642995 - Cross-Site Request Forgery
Mar 15, 2022
CVSS 8.0
EPSS 0.00
CVE-2022-27197 MEDIUM
Jenkins Dashboard View Plugin < 2.18.1 - Stored Cross-Site Scripting via Iframe Portlet URL
Mar 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-27195 MEDIUM
Jenkins Parameterized Trigger Plugin <2.43 - Info Disclosure
Mar 15, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-25209 HIGH
Jenkins Chef Sinatra Plugin < 1.20 - XML External Entity Injection
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25208 HIGH
Jenkins Chef Sinatra Plugin < 1.20 - Server-Side Request Forgery via XML Response Parsing
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25207 HIGH
Jenkins Chef Sinatra Plugin < 1.20 - Cross-Site Request Forgery via XML Response Parsing
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25206 HIGH
Jenkins dbCharts < 0.5.2 - Missing Authorization for JDBC Database Connection
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25205 HIGH
Jenkins dbCharts Plugin <= 0.5.2 - Cross-Site Request Forgery via JDBC Connection
Feb 15, 2022
CVSS 8.8
EPSS 0.01