org.jenkins-ci.plugins
1,035 tracked vulnerabilities.
CVE-2022-28136
HIGH
Jenkins JiraTestResultReporter < 165.v817928553942 - Cross-Site Request Forgery
Mar 29, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-27216
MEDIUM
Jenkins dbCharts Plugin <= 0.5.2 - Insufficiently Protected Credentials
Mar 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27215
MEDIUM
Jenkins Release Helper Plugin < 1.3.3 - Server-Side Request Forgery via Missing Permission Check
Mar 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-27214
MEDIUM
Jenkins Release Helper Plugin < 1.3.3 - Cross-Site Request Forgery
Mar 15, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-27212
MEDIUM
Jenkins List Git Branches Parameter Plugin <= 0.0.9 - Stored Cross-Site Scripting in Parameter Name
Mar 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-27211
MEDIUM
Jenkins Kubernetes Continuous Deploy Plugin < 2.3.1 - Missing Authorization for SSH Credential Capture
Mar 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27210
MEDIUM
Jenkins Kubernetes Continuous Deploy Plugin < 2.3.1 - Cross-Site Request Forgery
Mar 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27209
MEDIUM
Jenkins Kubernetes Continuous Deploy Plugin < 2.3.1 - Missing Authorization for Credential ID Enumeration
Mar 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27208
MEDIUM
Jenkins Kubernetes Continuous Deploy Plugin <= 2.3.1 - Arbitrary File Read via Credentials/Create Permission
Mar 15, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-27207
MEDIUM
Jenkins global-build-stats < 1.5 - Stored Cross-Site Scripting in Chart Configuration
Mar 15, 2022
CVSS 4.8
EPSS 0.01
CVE-2022-27206
MEDIUM
Jenkins GitLab Authentication Plugin <= 1.13 - Insufficiently Protected Credentials
Mar 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27205
MEDIUM
Jenkins Extended Choice Parameter Plugin < 346.vd87693c5a_86c - Server-Side Request Forgery via URL Connection
Mar 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-27204
HIGH
Jenkins Extended Choice Parameter < 346.vd87693c5a_86c - Cross-Site Request Forgery
Mar 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-27203
MEDIUM
Jenkins Extended Choice Parameter Plugin < 346.vd87693c5a_86c - Path Traversal and Arbitrary File Read
Mar 15, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-27202
MEDIUM
Jenkins Extended Choice Parameter Plugin < 346.vd87693c5a_86c - Stored XSS
Mar 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-27201
MEDIUM
Jenkins Semantic Versioning Plugin < 1.13 - XML External Entity Injection via Crafted File Parsing
Mar 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27199
MEDIUM
Jenkins CloudBees AWS Credentials Plugin < 191.vcb_f183ce58b_9 - Missing Authorization
Mar 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-27198
HIGH
Jenkins CloudBees AWS Credentials Plugin < 189.v3551d5642995 - Cross-Site Request Forgery
Mar 15, 2022
CVSS 8.0
EPSS 0.00
CVE-2022-27197
MEDIUM
Jenkins Dashboard View Plugin < 2.18.1 - Stored Cross-Site Scripting via Iframe Portlet URL
Mar 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-27195
MEDIUM
Jenkins Parameterized Trigger Plugin <2.43 - Info Disclosure
Mar 15, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-25209
HIGH
Jenkins Chef Sinatra Plugin < 1.20 - XML External Entity Injection
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25208
HIGH
Jenkins Chef Sinatra Plugin < 1.20 - Server-Side Request Forgery via XML Response Parsing
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25207
HIGH
Jenkins Chef Sinatra Plugin < 1.20 - Cross-Site Request Forgery via XML Response Parsing
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25206
HIGH
Jenkins dbCharts < 0.5.2 - Missing Authorization for JDBC Database Connection
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25205
HIGH
Jenkins dbCharts Plugin <= 0.5.2 - Cross-Site Request Forgery via JDBC Connection
Feb 15, 2022
CVSS 8.8
EPSS 0.01
Products
script-security 35
git 13
email-ext 12
active-directory 11
config-file-provider 9
electricflow 9
credentials-binding 8
ec2 8
oic-auth 8
subversion 8
artifactory 7
htmlpublisher 7
jobConfigHistory 7
mercurial 7
openshift-deployer 7
rundeck 7
azure-ad 6
azure-vm-agents 6
ec2-deployment-dashboard 6
fortify-on-demand-uploader 6
ghprb 6
gitlab-oauth 6
gitlab-plugin 6
pipeline-maven 6
repository-connector 6
aws-codecommit-trigger 5
codedx 5
credentials 5
delphix 5
extended-choice-parameter 5
Quick Filters