org.jenkins-ci.plugins

1,035 tracked vulnerabilities.

CVE-2022-25202 MEDIUM
Jenkins Promoted Builds (Simple) Plugin < 1.9 - Stored Cross-Site Scripting in Custom Promotion Level Name
Feb 15, 2022
CVSS 4.8
EPSS 0.01
CVE-2022-25199 HIGH
Jenkins SCP publisher < 1.8 - Missing Authorization for SSH Server Connection
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25198 HIGH
Jenkins SCP publisher Plugin < 1.8 - Cross-Site Request Forgery
Feb 15, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25196 MEDIUM
Jenkins GitLab Authentication Plugin < 1.13 - Open Redirect via HTTP Referer Header
Feb 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-25188 MEDIUM
Jenkins Fortify Plugin < 20.2.34 - Path Traversal and Arbitrary File Write via Pipeline Step Parameters
Feb 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-25187 MEDIUM
Jenkins Support Core Plugin <2.79 - Info Disclosure
Feb 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-25185 MEDIUM
Jenkins Generic Webhook Trigger Plugin <= 1.81 - Stored Cross-Site Scripting via Build Cause
Feb 15, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-25184 MEDIUM
Jenkins Pipeline: Build Step Plugin < 2.15 - Password Parameter Exposure via Pipeline Snippet Generator
Feb 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-23115 MEDIUM
Jenkins batch task < 1.19 - Cross-Site Request Forgery
Jan 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-23114 LOW
Jenkins Publish Over SSH Plugin <= 1.22 - Insufficiently Protected Credentials
Jan 12, 2022
CVSS 3.3
EPSS 0.00
CVE-2022-23113 MEDIUM
Jenkins Publish Over SSH Plugin <= 1.22 - Path Traversal via File Name Validation
Jan 12, 2022
CVSS 4.3
EPSS 0.02
CVE-2022-23112 MEDIUM
Jenkins Publish Over SSH Plugin < 1.22 - Missing Authorization for SSH Server Connection
Jan 12, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-23111 MEDIUM
Jenkins Publish Over SSH Plugin < 1.22 - Cross-Site Request Forgery
Jan 12, 2022
CVSS 4.3
EPSS 0.27
CVE-2022-23110 MEDIUM
Jenkins Publish Over SSH Plugin <= 1.22 - Stored Cross-Site Scripting via SSH Server Name
Jan 12, 2022
CVSS 4.8
EPSS 0.01
CVE-2022-23108 MEDIUM
Jenkins Badge Plugin < 1.9 - Stored Cross-Site Scripting via Badge Description
Jan 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-23105 MEDIUM
Jenkins Active Directory Plugin < 2.25 - Cleartext Transmission of Sensitive Information
Jan 12, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-20621 MEDIUM
Jenkins Metrics Plugin <4.0.2.8 - Info Disclosure
Jan 12, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-20620 MEDIUM
Jenkins SSH Agent Plugin <1.23 - Info Disclosure
Jan 12, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-20619 HIGH
Jenkins Bitbucket Branch Source Plugin <737.vdf9dc06105be - CSRF
Jan 12, 2022
CVSS 7.1
EPSS 0.01
CVE-2022-20618 MEDIUM
Jenkins Bitbucket Branch Source Plugin < 737.vdf9dc06105be - Missing Authorization for Credential ID Enumeration
Jan 12, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-20617 HIGH
Jenkins Docker Commons Plugin <1.17 - Command Injection
Jan 12, 2022
CVSS 8.8
EPSS 0.02
CVE-2022-20616 MEDIUM
Jenkins Credentials Binding Plugin <1.27 - Privilege Escalation
Jan 12, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-20615 MEDIUM
Jenkins Matrix Project Plugin <1.19 - XSS
Jan 12, 2022
CVSS 5.4
EPSS 0.82
CVE-2022-20614 MEDIUM
Jenkins Mailer Plugin <391.ve4a_38c1f - Info Disclosure
Jan 12, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-20613 MEDIUM
Jenkins Mailer Plugin <391.ve4a_38c1b_cf4b - CSRF
Jan 12, 2022
CVSS 4.3
EPSS 0.01