org.jenkins-ci.plugins
1,035 tracked vulnerabilities.
CVE-2020-2114
HIGH
Jenkins S3 Publisher Plugin <= 0.11.4 - Plaintext Credential Exposure in Global Configuration
Feb 12, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-2111
MEDIUM
Jenkins Subversion Plugin < 2.13.0 - Stored Cross-Site Scripting in Project Repository Base URL Field
Feb 12, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-2110
HIGH
Jenkins Script Security Plugin < 1.69 - Sandbox Bypass via AST Transforming Annotations
Feb 12, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-2108
HIGH
Jenkins WebSphere Deployer Plugin < 1.6.1 - XML External Entity Injection via Job Configuration
Jan 29, 2020
CVSS 7.6
EPSS 0.01
CVE-2020-2107
MEDIUM
Jenkins Fortify Plugin < 19.1.29 - Insufficiently Protected Credentials in Job config.xml
Jan 29, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2098
HIGH
Jenkins Sounds Plugin < 0.5 - Cross-Site Request Forgery
Jan 15, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-2097
HIGH
Jenkins Sounds Plugin < 0.5 - OS Command Execution via Form Validation URL
Jan 15, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-2094
MEDIUM
Jenkins Health Advisor by CloudBees < 3.0 - Missing Authorization for Email Sending
Jan 15, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-2093
HIGH
Jenkins Health Advisor by CloudBees < 3.0 - Cross-Site Request Forgery
Jan 15, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-2092
HIGH
Jenkins Robot Framework < 2.0.0 - XML External Entity Injection
Jan 15, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-2091
HIGH
Jenkins Amazon EC2 Plugin < 1.47 - Server-Side Request Forgery via AWS Credentials
Jan 15, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-2090
HIGH
Jenkins Amazon EC2 Plugin < 1.47 - Cross-Site Request Forgery
Jan 15, 2020
CVSS 8.8
EPSS 0.01
CVE-2019-16572
MEDIUM
Jenkins Weibo Plugin <1.0.1 - Info Disclosure
Dec 17, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-16571
MEDIUM
Jenkins RapidDeploy Plugin <4.1 - DoS
Dec 17, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-16570
HIGH
Jenkins RapidDeploy Plugin <4.1 - CSRF
Dec 17, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-16569
MEDIUM
Jenkins Mantis Plugin < 0.26 - Cross-Site Request Forgery
Dec 17, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-16567
MEDIUM
Jenkins Team Concert Plugin <1.3.0 - Info Disclosure
Dec 17, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-16566
MEDIUM
Jenkins Team Concert Plugin <1.3.0 - SSRF
Dec 17, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-16565
HIGH
Jenkins Team Concert Plugin <1.3.0 - CSRF
Dec 17, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-16562
MEDIUM
Jenkins buildgraph-view Plugin <1.8 - XSS
Dec 17, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-16561
HIGH
Jenkins WebSphere Deployer Plugin <1.6.1 - Info Disclosure
Dec 17, 2019
CVSS 7.1
EPSS 0.01
CVE-2019-16560
HIGH
Jenkins WebSphere Deployer Plugin <1.6.1 - CSRF
Dec 17, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-16559
MEDIUM
Jenkins WebSphere Deployer Plugin <1.6.1 - Info Disclosure
Dec 17, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-16556
MEDIUM
Jenkins Rundeck Plugin <3.6.5 - Info Disclosure
Dec 17, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-16548
HIGH
Jenkins Google Compute Engine Plugin <4.1.1 - CSRF
Nov 21, 2019
CVSS 8.8
EPSS 0.01
Products
script-security 35
git 13
email-ext 12
active-directory 11
config-file-provider 9
electricflow 9
credentials-binding 8
ec2 8
oic-auth 8
subversion 8
artifactory 7
htmlpublisher 7
jobConfigHistory 7
mercurial 7
openshift-deployer 7
rundeck 7
azure-ad 6
azure-vm-agents 6
ec2-deployment-dashboard 6
fortify-on-demand-uploader 6
ghprb 6
gitlab-oauth 6
gitlab-plugin 6
pipeline-maven 6
repository-connector 6
aws-codecommit-trigger 5
codedx 5
credentials 5
delphix 5
extended-choice-parameter 5
Quick Filters