org.jenkins-ci.plugins
1,035 tracked vulnerabilities.
CVE-2021-21630
MEDIUM
Jenkins Extra Columns Plugin < 1.22 - Stored Cross-Site Scripting in Build Parameters Column
Mar 30, 2021
CVSS 5.4
EPSS 0.72
CVE-2021-21629
HIGH
Jenkins Build With Parameters Plugin < 1.5 - Cross-Site Request Forgery
Mar 30, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21628
MEDIUM
Jenkins Build With Parameters Plugin < 1.5 - Stored Cross-Site Scripting in Parameter Names and Descriptions
Mar 30, 2021
CVSS 5.4
EPSS 0.82
CVE-2021-21627
HIGH
Jenkins Libvirt Agents Plugin < 1.9.0 - Cross-Site Request Forgery
Mar 18, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21625
MEDIUM
Jenkins CloudBees AWS Credentials Plugin < 1.28 - Missing Authorization in HTTP Endpoint Helper Method
Mar 18, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-21624
MEDIUM
Jenkins Role-based Authorization Strategy Plugin < 3.1 - Incorrect Authorization
Mar 18, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-21623
MEDIUM
Jenkins Matrix Authorization Strategy Plugin < 2.6.5 - Incorrect Authorization
Mar 18, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-21621
MEDIUM
Jenkins Support Core Plugin < 2.72 - Exposure of Sensitive Information via Serialized User Authentication
Feb 24, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-21620
MEDIUM
Jenkins Claim Plugin < 2.18.1 - Cross-Site Request Forgery
Feb 24, 2021
CVSS 4.3
EPSS 0.02
CVE-2021-21619
MEDIUM
Jenkins Claim Plugin < 2.18.1 - Stored Cross-Site Scripting via User Display Name
Feb 24, 2021
CVSS 5.4
EPSS 0.09
CVE-2021-21618
MEDIUM
Jenkins Repository Connector Plugin < 2.0.2 - Stored Cross-Site Scripting in Parameter Names and Descriptions
Feb 24, 2021
CVSS 5.4
EPSS 0.82
CVE-2021-21617
HIGH
Jenkins Configuration Slicing Plugin < 1.51 - Cross-Site Request Forgery
Feb 24, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21614
MEDIUM
Jenkins Bumblebee HP ALM Plugin <= 4.1.5 - Insufficiently Protected Credentials
Jan 13, 2021
CVSS 5.5
EPSS 0.00
CVE-2020-2324
HIGH
Jenkins CVS Plugin < 2.16 - XML External Entity Injection
Dec 03, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-2321
HIGH
Jenkins Shelve Project Plugin <3.0 - CSRF
Dec 03, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-2319
MEDIUM
Jenkins VMware Lab Manager Slaves Plugin <0.2.8 - Info Disclosure
Nov 04, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2318
MEDIUM
Jenkins Mail Commander Plugin <1.0.0 - Info Disclosure
Nov 04, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2315
MEDIUM
Jenkins Visualworks Store Plugin <1.1.3 - XXE
Nov 04, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2313
MEDIUM
Jenkins Azure Key Vault Plugin <2.0 - Info Disclosure
Nov 04, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2312
MEDIUM
Jenkins SQLPlus Script Runner Plugin <2.0.12 - Info Disclosure
Nov 04, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2310
MEDIUM
Jenkins Ansible Plugin <1.0 - Info Disclosure
Nov 04, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2306
MEDIUM
Jenkins Mercurial Plugin <2.11 - Info Disclosure
Nov 04, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2305
MEDIUM
Jenkins Mercurial Plugin <2.11 - XXE
Nov 04, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2304
MEDIUM
Jenkins Subversion Plugin <2.13.1 - XXE
Nov 04, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2303
MEDIUM
Jenkins Active Directory Plugin <2.19 - CSRF
Nov 04, 2020
CVSS 4.3
EPSS 0.01
Products
script-security 35
git 13
email-ext 12
active-directory 11
config-file-provider 9
electricflow 9
credentials-binding 8
ec2 8
oic-auth 8
subversion 8
artifactory 7
htmlpublisher 7
jobConfigHistory 7
mercurial 7
openshift-deployer 7
rundeck 7
azure-ad 6
azure-vm-agents 6
ec2-deployment-dashboard 6
fortify-on-demand-uploader 6
ghprb 6
gitlab-oauth 6
gitlab-plugin 6
pipeline-maven 6
repository-connector 6
aws-codecommit-trigger 5
codedx 5
credentials 5
delphix 5
extended-choice-parameter 5
Quick Filters