org.jenkins-ci.plugins

1,035 tracked vulnerabilities.

CVE-2020-2150 MEDIUM
Jenkins Sonar Quality Gates Plugin < 1.3.1 - Cleartext Transmission of Sensitive Credentials
Mar 09, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-2149 MEDIUM
Jenkins Repository Connector Plugin < 1.2.6 - Cleartext Transmission of Sensitive Credentials
Mar 09, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-2145 MEDIUM
Jenkins Zephyr Enterprise Test Management Plugin < 1.9.1 - Insufficiently Protected Credentials
Mar 09, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-2144 HIGH
Jenkins Rundeck Plugin < 3.6.6 - XML External Entity Injection
Mar 09, 2020
CVSS 7.1
EPSS 0.01
CVE-2020-2143 MEDIUM
Jenkins Logstash Plugin < 2.3.1 - Cleartext Transmission of Sensitive Credentials
Mar 09, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-2142 MEDIUM
Jenkins P4 Plugin < 1.10.10 - Unauthenticated Build Trigger via Missing Permission Check
Mar 09, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2141 MEDIUM
Jenkins P4 Plugin < 1.10.10 - Cross-Site Request Forgery
Mar 09, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2140 MEDIUM NUCLEI
Jenkins Audit Trail Plugin < 3.2 - Reflected Cross-Site Scripting via URL Patterns Field
Mar 09, 2020
CVSS 6.1
EPSS 0.76
CVE-2020-2139 MEDIUM
Jenkins Cobertura < 1.16 - Arbitrary File Write via Coverage Report File
Mar 09, 2020
CVSS 6.5
EPSS 0.02
CVE-2020-2138 HIGH
Jenkins Cobertura Plugin < 1.15 - XML External Entity Injection
Mar 09, 2020
CVSS 7.1
EPSS 0.01
CVE-2020-2137 MEDIUM
Jenkins Timestamper Plugin <= 1.11.1 - Stored Cross-Site Scripting
Mar 09, 2020
CVSS 4.8
EPSS 0.01
CVE-2020-2136 MEDIUM
Jenkins Git Plugin < 4.2.0 - Stored Cross-Site Scripting via Repository URL Error Message
Mar 09, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2135 HIGH
Jenkins Script Security Plugin < 1.70 - Sandbox Bypass via GroovyInterceptable Method Calls
Mar 09, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-2134 HIGH
Jenkins Script Security Plugin < 1.70 - Sandbox Bypass via Crafted Constructor Calls
Mar 09, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-2131 MEDIUM
Jenkins Harvest SCM Plugin <= 0.5.1 - Insufficiently Protected Credentials in Job config.xml
Feb 12, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2130 MEDIUM
Jenkins Harvest SCM Plugin <= 0.5.1 - Insufficiently Protected Credentials
Feb 12, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2123 HIGH
Jenkins RadarGun Plugin < 1.7 - Remote Code Execution via YAML Deserialization
Feb 12, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-2122 MEDIUM
Jenkins Brakeman Plugin < 0.12 - Stored Cross-Site Scripting via Unescaped JSON Values
Feb 12, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2121 HIGH
Jenkins Google Kubernetes Engine Plugin < 0.8.0 - Remote Code Execution via YAML Parser
Feb 12, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-2120 HIGH
Jenkins FitNesse Plugin < 1.30 - XML External Entity Injection
Feb 12, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-2119 MEDIUM
Jenkins Azure AD Plugin <= 1.1.2 - Insufficiently Protected Credentials
Feb 12, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-2118 MEDIUM
Jenkins Pipeline GitHub Notify Step Plugin < 1.0.4 - Credential ID Enumeration via Form-Related Methods
Feb 12, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2117 MEDIUM
Jenkins Pipeline GitHub Notify Step Plugin < 1.0.4 - Missing Permission Check
Feb 12, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2116 HIGH
Jenkins Pipeline GitHub Notify Step < 1.0.4 - Cross-Site Request Forgery
Feb 12, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-2115 HIGH
Jenkins NUnit < 0.25 - XML External Entity Injection
Feb 12, 2020
CVSS 8.8
EPSS 0.01