org.jenkins-ci.plugins
1,035 tracked vulnerabilities.
CVE-2022-25202
MEDIUM
Jenkins Promoted Builds (Simple) Plugin < 1.9 - Stored Cross-Site Scripting in Custom Promotion Level Name
Feb 15, 2022
CVSS 4.8
EPSS 0.01
CVE-2022-25199
HIGH
Jenkins SCP publisher < 1.8 - Missing Authorization for SSH Server Connection
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25198
HIGH
Jenkins SCP publisher Plugin < 1.8 - Cross-Site Request Forgery
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25196
MEDIUM
Jenkins GitLab Authentication Plugin < 1.13 - Open Redirect via HTTP Referer Header
Feb 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-25188
MEDIUM
Jenkins Fortify Plugin < 20.2.34 - Path Traversal and Arbitrary File Write via Pipeline Step Parameters
Feb 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-25187
MEDIUM
Jenkins Support Core Plugin <2.79 - Info Disclosure
Feb 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-25185
MEDIUM
Jenkins Generic Webhook Trigger Plugin <= 1.81 - Stored Cross-Site Scripting via Build Cause
Feb 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-25184
MEDIUM
Jenkins Pipeline: Build Step Plugin < 2.15 - Password Parameter Exposure via Pipeline Snippet Generator
Feb 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-23115
MEDIUM
Jenkins batch task < 1.19 - Cross-Site Request Forgery
Jan 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-23114
LOW
Jenkins Publish Over SSH Plugin <= 1.22 - Insufficiently Protected Credentials
Jan 12, 2022
CVSS 3.3
EPSS 0.00
CVE-2022-23113
MEDIUM
Jenkins Publish Over SSH Plugin <= 1.22 - Path Traversal via File Name Validation
Jan 12, 2022
CVSS 4.3
EPSS 0.02
CVE-2022-23112
MEDIUM
Jenkins Publish Over SSH Plugin < 1.22 - Missing Authorization for SSH Server Connection
Jan 12, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-23111
MEDIUM
Jenkins Publish Over SSH Plugin < 1.22 - Cross-Site Request Forgery
Jan 12, 2022
CVSS 4.3
EPSS 0.27
CVE-2022-23110
MEDIUM
Jenkins Publish Over SSH Plugin <= 1.22 - Stored Cross-Site Scripting via SSH Server Name
Jan 12, 2022
CVSS 4.8
EPSS 0.01
CVE-2022-23108
MEDIUM
Jenkins Badge Plugin < 1.9 - Stored Cross-Site Scripting via Badge Description
Jan 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-23105
MEDIUM
Jenkins Active Directory Plugin < 2.25 - Cleartext Transmission of Sensitive Information
Jan 12, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-20621
MEDIUM
Jenkins Metrics Plugin <4.0.2.8 - Info Disclosure
Jan 12, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-20620
MEDIUM
Jenkins SSH Agent Plugin <1.23 - Info Disclosure
Jan 12, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-20619
HIGH
Jenkins Bitbucket Branch Source Plugin <737.vdf9dc06105be - CSRF
Jan 12, 2022
CVSS 7.1
EPSS 0.01
CVE-2022-20618
MEDIUM
Jenkins Bitbucket Branch Source Plugin < 737.vdf9dc06105be - Missing Authorization for Credential ID Enumeration
Jan 12, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-20617
HIGH
Jenkins Docker Commons Plugin <1.17 - Command Injection
Jan 12, 2022
CVSS 8.8
EPSS 0.02
CVE-2022-20616
MEDIUM
Jenkins Credentials Binding Plugin <1.27 - Privilege Escalation
Jan 12, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-20615
MEDIUM
Jenkins Matrix Project Plugin <1.19 - XSS
Jan 12, 2022
CVSS 5.4
EPSS 0.82
CVE-2022-20614
MEDIUM
Jenkins Mailer Plugin <391.ve4a_38c1f - Info Disclosure
Jan 12, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-20613
MEDIUM
Jenkins Mailer Plugin <391.ve4a_38c1b_cf4b - CSRF
Jan 12, 2022
CVSS 4.3
EPSS 0.01
Products
script-security 35
git 13
email-ext 12
active-directory 11
config-file-provider 9
electricflow 9
credentials-binding 8
ec2 8
oic-auth 8
subversion 8
artifactory 7
htmlpublisher 7
jobConfigHistory 7
mercurial 7
openshift-deployer 7
rundeck 7
azure-ad 6
azure-vm-agents 6
ec2-deployment-dashboard 6
fortify-on-demand-uploader 6
ghprb 6
gitlab-oauth 6
gitlab-plugin 6
pipeline-maven 6
repository-connector 6
aws-codecommit-trigger 5
codedx 5
credentials 5
delphix 5
extended-choice-parameter 5
Quick Filters