org.jenkins-ci.plugins

1,035 tracked vulnerabilities.

CVE-2020-2191 MEDIUM
Jenkins Self-Organizing Swarm Modules Plugin < 3.20 - Unauthenticated Agent Label Manipulation via API Endpoints
Jun 03, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2190 MEDIUM
Jenkins Script Security Plugin <= 1.72 - Stored Cross-Site Scripting in In-process Script Approval Page
Jun 03, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2188 MEDIUM
Jenkins Amazon EC2 Plugin < 1.50.1 - Unauthenticated Credential ID Enumeration via Form Methods
May 06, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2187 MEDIUM
Jenkins Amazon EC2 Plugin < 1.50.1 - Improper Certificate Validation
May 06, 2020
CVSS 5.6
EPSS 0.00
CVE-2020-2186 MEDIUM
Jenkins Amazon EC2 Plugin < 1.50.1 - Cross-Site Request Forgery
May 06, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2185 MEDIUM
Jenkins Amazon EC2 Plugin <1.50.1 - Man-in-the-middle
May 06, 2020
CVSS 5.6
EPSS 0.01
CVE-2020-2184 MEDIUM
Jenkins CVS Plugin < 2.16 - Cross-Site Request Forgery
May 06, 2020
CVSS 4.3
EPSS 0.44
CVE-2020-2183 MEDIUM
Jenkins Copy Artifact Plugin < 1.43.1 - Unauthenticated Artifact Access via Improper Permission Checks
May 06, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2182 MEDIUM
Jenkins Credentials Binding Plugin < 1.22 - Insufficiently Protected Credentials
May 06, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2181 MEDIUM
Jenkins Credentials Binding Plugin < 1.22 - Insufficiently Protected Credentials in Build Log
May 06, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2179 HIGH
Jenkins Yaml Axis Plugin <= 0.2.0 - Remote Code Execution via Unsafe YAML Deserialization
Apr 16, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-2175 MEDIUM
Jenkins FitNesse Plugin < 1.31 - Stored Cross-Site Scripting via Report Content
Apr 07, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2173 MEDIUM
Jenkins Gatling Plugin < 1.2.7 - Cross-Site Scripting via Gatling Report Content
Apr 07, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2171 HIGH
Jenkins RapidDeploy Plugin < 4.2 - XML External Entity Injection
Mar 25, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-2170 MEDIUM
Jenkins RapidDeploy Plugin < 4.2 - Stored Cross-Site Scripting via Package Name
Mar 25, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2169 MEDIUM
Jenkins Queue Cleanup Plugin < 1.3 - Reflected Cross-Site Scripting via Form Validation Endpoint
Mar 25, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-2168 HIGH
Jenkins Azure Container Service Plugin <= 1.0.1 - Remote Code Execution via YAML Parser
Mar 25, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-2165 HIGH
Jenkins Artifactory Plugin <= 3.6.0 - Plaintext Password Exposure in Global Configuration
Mar 25, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-2164 MEDIUM
Jenkins Artifactory Plugin <= 3.5.0 - Unprotected Credential Storage
Mar 25, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2158 HIGH
Jenkins Literate Plugin < 1.0 - Remote Code Execution via YAML Deserialization
Mar 09, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-2157 MEDIUM
Jenkins Skytap Cloud CI Plugin <= 2.07 - Cleartext Transmission of Sensitive Credentials
Mar 09, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2155 MEDIUM
Jenkins OpenShift Deployer Plugin <= 1.2.0 - Cleartext Transmission of Sensitive Credentials
Mar 09, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-2154 MEDIUM
Jenkins Zephyr for JIRA Test Management Plugin < 1.5 - Cleartext Storage of Sensitive Information
Mar 09, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-2153 MEDIUM
Jenkins Backlog Plugin < 2.4 - Cleartext Transmission of Sensitive Credentials
Mar 09, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2151 MEDIUM
Jenkins Quality Gates Plugin < 2.5 - Cleartext Transmission of Sensitive Information in Global Configuration Form
Mar 09, 2020
CVSS 5.3
EPSS 0.01