org.jenkins-ci.plugins
1,035 tracked vulnerabilities.
CVE-2021-21655
HIGH
Jenkins P4 Plugin < 1.11.4 - Cross-Site Request Forgery
May 11, 2021
CVSS 7.1
EPSS 0.01
CVE-2021-21654
MEDIUM
Jenkins P4 Plugin <1.11.4 - Privilege Escalation
May 11, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-21653
MEDIUM
Jenkins Xray - Test Management for Jira Plugin <2.4.0 - Info Disclo...
May 11, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-21652
HIGH
Jenkins Xray - Test Management for Jira < 2.4.0 - Cross-Site Request Forgery
May 11, 2021
CVSS 7.1
EPSS 0.01
CVE-2021-21651
MEDIUM
Jenkins S3 publisher Plugin <0.11.6 - Info Disclosure
May 11, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-21650
MEDIUM
Jenkins S3 publisher Plugin <0.11.6 - Info Disclosure
May 11, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-21649
MEDIUM
Jenkins Dashboard View Plugin < 2.15 - Stored Cross-Site Scripting via Image Dashboard Portlet URL
May 11, 2021
CVSS 5.4
EPSS 0.73
CVE-2021-21648
MEDIUM
Jenkins Credentials Plugin < 2.3.18 - Reflected Cross-Site Scripting
May 11, 2021
CVSS 6.1
EPSS 0.11
CVE-2021-21647
MEDIUM
Jenkins CloudBees CD Plugin <1.1.21 - Privilege Escalation
Apr 21, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-21646
HIGH
Jenkins Templating Engine Plugin <2.1 - RCE
Apr 21, 2021
CVSS 8.8
EPSS 0.02
CVE-2021-21645
MEDIUM
Jenkins Config File Provider Plugin <3.7.0 - Info Disclosure
Apr 21, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-21644
MEDIUM
Jenkins Config File Provider Plugin < 3.7.0 - Cross-Site Request Forgery via Configuration File Deletion
Apr 21, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-21643
MEDIUM
Jenkins Config File Provider Plugin <3.7.0 - Info Disclosure
Apr 21, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-21642
HIGH
Jenkins Config File Provider Plugin < 3.7.0 - XML External Entity Injection
Apr 21, 2021
CVSS 8.1
EPSS 0.38
CVE-2021-22513
MEDIUM
Micro Focus Application Automation Tools < 6.7 - Missing Authorization
Apr 08, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-22512
MEDIUM
Micro Focus Application Automation Tools Plugin - Jenkins <6.7 - CSRF
Apr 08, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-22511
MEDIUM
Micro Focus Application Automation Tools Plugin < 6.7 - Improper Certificate Validation
Apr 08, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-22510
MEDIUM
Micro Focus Application Automation Tools Plugin - Jenkins <6.7 - XSS
Apr 08, 2021
CVSS 6.1
EPSS 0.05
CVE-2021-21641
MEDIUM
Jenkins promoted builds < 3.9 - Cross-Site Request Forgery
Apr 07, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-21638
HIGH
Jenkins Team Foundation Server Plugin < 5.157.1 - Cross-Site Request Forgery
Mar 30, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21637
MEDIUM
Jenkins Team Foundation Server Plugin < 5.157.1 - Missing Authorization for Credential Capture via URL Connection
Mar 30, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-21636
MEDIUM
Jenkins Team Foundation Server Plugin < 5.157.1 - Missing Authorization for Credentials Enumeration
Mar 30, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-21633
HIGH
Jenkins OWASP Dependency-Track < 3.1.0 - Cross-Site Request Forgery
Mar 30, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21632
MEDIUM
Jenkins OWASP Dependency-Track < 3.1.0 - Missing Authorization for URL Connection
Mar 30, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-21631
MEDIUM
Jenkins Cloud Statistics Plugin < 0.26 - Missing Authorization in HTTP Endpoint
Mar 30, 2021
CVSS 4.3
EPSS 0.01
Products
script-security 35
git 13
email-ext 12
active-directory 11
config-file-provider 9
electricflow 9
credentials-binding 8
ec2 8
oic-auth 8
subversion 8
artifactory 7
htmlpublisher 7
jobConfigHistory 7
mercurial 7
openshift-deployer 7
rundeck 7
azure-ad 6
azure-vm-agents 6
ec2-deployment-dashboard 6
fortify-on-demand-uploader 6
ghprb 6
gitlab-oauth 6
gitlab-plugin 6
pipeline-maven 6
repository-connector 6
aws-codecommit-trigger 5
codedx 5
credentials 5
delphix 5
extended-choice-parameter 5
Quick Filters