org.jenkins-ci.plugins
1,035 tracked vulnerabilities.
CVE-2025-64146
MEDIUM
Jenkins Curseforge Publisher Plugin 1.0 - Unencrypted API Key Storage in config.xml
Oct 29, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-64142
MEDIUM
Jenkins Nexus Task Runner Plugin <= 0.9.2 - Missing Authorization for URL Connection
Oct 29, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-64141
MEDIUM
Jenkins Nexus Task Runner Plugin <= 0.9.2 - Cross-Site Request Forgery
Oct 29, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-64140
HIGH
Jenkins Azure CLI Plugin < 0.9 - Authenticated OS Command Injection
Oct 29, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-64139
MEDIUM
Jenkins Start Windocks Containers Plugin < 1.4 - Missing Authorization
Oct 29, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-64138
MEDIUM
Jenkins Start Windocks Containers Plugin < 1.4 - Cross-Site Request Forgery
Oct 29, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-64137
MEDIUM
Jenkins Themis < 1.4.1 - Server-Side Request Forgery via Missing Permission Check
Oct 29, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-64136
MEDIUM
Jenkins Themis Plugin < 1.4.1 - Cross-Site Request Forgery
Oct 29, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-64134
HIGH
Jenkins JDepend Plugin < 1.3.1 - XML External Entity Injection
Oct 29, 2025
CVSS 7.1
EPSS 0.00
CVE-2025-64131
HIGH
Jenkins SAML Plugin <4.583 - Auth Bypass
Oct 29, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-58459
MEDIUM
Jenkins global-build-stats Plugin < 322.v22f4db_18e2dd - Improper Access Control in REST API Endpoints
Sep 03, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-58458
MEDIUM
Jenkins Git client Plugin <6.3.2 - Info Disclosure
Sep 03, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-53743
MEDIUM
Jenkins Applitools Eyes Plugin <1.16.5 - Info Disclosure
Jul 09, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-53742
MEDIUM
Jenkins Applitools Eyes Plugin <1.16.5 - Info Disclosure
Jul 09, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-53675
MEDIUM
Jenkins Warrior Framework Plugin <1.2 - Info Disclosure
Jul 09, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-53674
MEDIUM
Jenkins Sensedia Api Platform tools Plugin 1.0 - Info Disclosure
Jul 09, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-53673
MEDIUM
Jenkins Sensedia Api Platform tools Plugin 1.0 - Info Disclosure
Jul 09, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-53671
MEDIUM
Jenkins Nouvola DiveCloud Plugin <1.08 - Info Disclosure
Jul 09, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-53670
MEDIUM
Jenkins Nouvola DiveCloud Plugin <1.08 - Info Disclosure
Jul 09, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-53669
MEDIUM
Jenkins VAddy Plugin <1.2.8 - Info Disclosure
Jul 09, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-53668
MEDIUM
Jenkins VAddy Plugin <1.2.8 - Info Disclosure
Jul 09, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-53667
MEDIUM
Jenkins Dead Man's Snitch Plugin 0.1 - Info Disclosure
Jul 09, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-53666
MEDIUM
Jenkins Dead Man's Snitch Plugin 0.1 - Info Disclosure
Jul 09, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-53662
MEDIUM
Jenkins IFTTT Build Notifier Plugin 1.2- - Info Disclosure
Jul 09, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-53660
MEDIUM
Jenkins QMetry Test Management Plugin <1.13 - Info Disclosure
Jul 09, 2025
CVSS 4.3
EPSS 0.00
Products
script-security 35
git 13
email-ext 12
active-directory 11
config-file-provider 9
electricflow 9
credentials-binding 8
ec2 8
oic-auth 8
subversion 8
artifactory 7
htmlpublisher 7
jobConfigHistory 7
mercurial 7
openshift-deployer 7
rundeck 7
azure-ad 6
azure-vm-agents 6
ec2-deployment-dashboard 6
fortify-on-demand-uploader 6
ghprb 6
gitlab-oauth 6
gitlab-plugin 6
pipeline-maven 6
repository-connector 6
aws-codecommit-trigger 5
codedx 5
credentials 5
delphix 5
extended-choice-parameter 5
Quick Filters