org.jenkins-ci.plugins
1,035 tracked vulnerabilities.
CVE-2020-2191
MEDIUM
Jenkins Self-Organizing Swarm Modules Plugin < 3.20 - Unauthenticated Agent Label Manipulation via API Endpoints
Jun 03, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2190
MEDIUM
Jenkins Script Security Plugin <= 1.72 - Stored Cross-Site Scripting in In-process Script Approval Page
Jun 03, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2188
MEDIUM
Jenkins Amazon EC2 Plugin < 1.50.1 - Unauthenticated Credential ID Enumeration via Form Methods
May 06, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2187
MEDIUM
Jenkins Amazon EC2 Plugin < 1.50.1 - Improper Certificate Validation
May 06, 2020
CVSS 5.6
EPSS 0.00
CVE-2020-2186
MEDIUM
Jenkins Amazon EC2 Plugin < 1.50.1 - Cross-Site Request Forgery
May 06, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2185
MEDIUM
Jenkins Amazon EC2 Plugin <1.50.1 - Man-in-the-middle
May 06, 2020
CVSS 5.6
EPSS 0.01
CVE-2020-2184
MEDIUM
Jenkins CVS Plugin < 2.16 - Cross-Site Request Forgery
May 06, 2020
CVSS 4.3
EPSS 0.44
CVE-2020-2183
MEDIUM
Jenkins Copy Artifact Plugin < 1.43.1 - Unauthenticated Artifact Access via Improper Permission Checks
May 06, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2182
MEDIUM
Jenkins Credentials Binding Plugin < 1.22 - Insufficiently Protected Credentials
May 06, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2181
MEDIUM
Jenkins Credentials Binding Plugin < 1.22 - Insufficiently Protected Credentials in Build Log
May 06, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2179
HIGH
Jenkins Yaml Axis Plugin <= 0.2.0 - Remote Code Execution via Unsafe YAML Deserialization
Apr 16, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-2175
MEDIUM
Jenkins FitNesse Plugin < 1.31 - Stored Cross-Site Scripting via Report Content
Apr 07, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2173
MEDIUM
Jenkins Gatling Plugin < 1.2.7 - Cross-Site Scripting via Gatling Report Content
Apr 07, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2171
HIGH
Jenkins RapidDeploy Plugin < 4.2 - XML External Entity Injection
Mar 25, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-2170
MEDIUM
Jenkins RapidDeploy Plugin < 4.2 - Stored Cross-Site Scripting via Package Name
Mar 25, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2169
MEDIUM
Jenkins Queue Cleanup Plugin < 1.3 - Reflected Cross-Site Scripting via Form Validation Endpoint
Mar 25, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-2168
HIGH
Jenkins Azure Container Service Plugin <= 1.0.1 - Remote Code Execution via YAML Parser
Mar 25, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-2165
HIGH
Jenkins Artifactory Plugin <= 3.6.0 - Plaintext Password Exposure in Global Configuration
Mar 25, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-2164
MEDIUM
Jenkins Artifactory Plugin <= 3.5.0 - Unprotected Credential Storage
Mar 25, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2158
HIGH
Jenkins Literate Plugin < 1.0 - Remote Code Execution via YAML Deserialization
Mar 09, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-2157
MEDIUM
Jenkins Skytap Cloud CI Plugin <= 2.07 - Cleartext Transmission of Sensitive Credentials
Mar 09, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2155
MEDIUM
Jenkins OpenShift Deployer Plugin <= 1.2.0 - Cleartext Transmission of Sensitive Credentials
Mar 09, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-2154
MEDIUM
Jenkins Zephyr for JIRA Test Management Plugin < 1.5 - Cleartext Storage of Sensitive Information
Mar 09, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-2153
MEDIUM
Jenkins Backlog Plugin < 2.4 - Cleartext Transmission of Sensitive Credentials
Mar 09, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2151
MEDIUM
Jenkins Quality Gates Plugin < 2.5 - Cleartext Transmission of Sensitive Information in Global Configuration Form
Mar 09, 2020
CVSS 5.3
EPSS 0.01
Products
script-security 35
git 13
email-ext 12
active-directory 11
config-file-provider 9
electricflow 9
credentials-binding 8
ec2 8
oic-auth 8
subversion 8
artifactory 7
htmlpublisher 7
jobConfigHistory 7
mercurial 7
openshift-deployer 7
rundeck 7
azure-ad 6
azure-vm-agents 6
ec2-deployment-dashboard 6
fortify-on-demand-uploader 6
ghprb 6
gitlab-oauth 6
gitlab-plugin 6
pipeline-maven 6
repository-connector 6
aws-codecommit-trigger 5
codedx 5
credentials 5
delphix 5
extended-choice-parameter 5
Quick Filters