org.jenkins-ci.plugins
1,035 tracked vulnerabilities.
CVE-2025-53659
MEDIUM
Jenkins QMetry Test Management Plugin <1.13 - Info Disclosure
Jul 09, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-53658
MEDIUM
Jenkins Applitools Eyes Plugin <1.16.5 - XSS
Jul 09, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-53657
MEDIUM
Jenkins ReadyAPI Functional Testing Plugin <1.11 - Info Disclosure
Jul 09, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-53656
MEDIUM
Jenkins ReadyAPI Functional Testing Plugin <1.11 - Info Disclosure
Jul 09, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-53653
MEDIUM
Jenkins Aqua Security Scanner Plugin <3.2.8 - Info Disclosure
Jul 09, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-53651
MEDIUM
Jenkins HTML Publisher Plugin <425 - Info Disclosure
Jul 09, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-53650
HIGH
Jenkins Credentials Binding Plugin <687.v619cb_15e923f - Info Discl...
Jul 09, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-5806
HIGH
Jenkins Gatling Plugin 136.vb_9009b_3d33a_e - XSS
Jun 06, 2025
CVSS 8.0
EPSS 0.00
CVE-2025-47889
CRITICAL
Jenkins WSO2 Oauth Plugin < 1.0 - Unauthenticated Authentication Bypass
May 14, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-47887
MEDIUM
Jenkins Cadence vManager < 4.0.1-286.v9e25a_740b_a_48 - Missing Authorization
May 14, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-47886
MEDIUM
Jenkins Cadence vManager < 4.0.1-286.v9e25a_740b_a_48 - Cross-Site Request Forgery
May 14, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-47885
HIGH
Jenkins Health Advisor by CloudBees < 374.v194b_d4f0c8c8 - Stored Cross-Site Scripting via Server Response
May 14, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-31726
MEDIUM
Jenkins Stack Hammer Plugin <1.0.6 - Info Disclosure
Apr 02, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-31724
MEDIUM
Jenkins Cadence vManager Plugin <4.0.0-282.v5096a_c2db_275 - Info D...
Apr 02, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-31722
HIGH
Jenkins Templating Engine Plugin <2.5.3 - RCE
Apr 02, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-30196
MEDIUM
Jenkins AnchorChain Plugin 1.0 - XSS
Mar 19, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-24403
MEDIUM
Jenkins Azure Service Fabric Plugin < 1.6 - Missing Authorization for Azure Credential ID Enumeration
Jan 22, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-24402
MEDIUM
Jenkins Azure Service Fabric Plugin < 1.6 - Cross-Site Request Forgery
Jan 22, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-24399
HIGH
Jenkins Openid Connect Authentication - Incorrect Default Permissions
Jan 22, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-24397
MEDIUM
Jenkins GitLab Plugin < 1.9.6 - Incorrect Authorization via Global Item/Configure Permission
Jan 22, 2025
CVSS 4.3
EPSS 0.00
CVE-2024-52553
HIGH
Jenkins OpenId Connect Authentication Plugin < 4.421.v5422614eb_e0a - Insufficient Session Expiration
Nov 13, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-52552
HIGH
Jenkins Authorize Project Plugin < 1.7.2 - Stored Cross-Site Scripting via Job Name Evaluation
Nov 13, 2024
CVSS 8.0
EPSS 0.01
CVE-2024-52549
MEDIUM
Jenkins Script Security Plugin - Missing Authorization for File Existence Check
Nov 13, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-47807
HIGH
Jenkins OpenId Connect Authentication Plugin <4.354.321ce67a-1de8 -...
Oct 02, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-47806
HIGH
Jenkins OpenId Connect Authentication Plugin <4.354.v321ce67a_1de8 ...
Oct 02, 2024
CVSS 8.1
EPSS 0.01
Products
script-security 35
git 13
email-ext 12
active-directory 11
config-file-provider 9
electricflow 9
credentials-binding 8
ec2 8
oic-auth 8
subversion 8
artifactory 7
htmlpublisher 7
jobConfigHistory 7
mercurial 7
openshift-deployer 7
rundeck 7
azure-ad 6
azure-vm-agents 6
ec2-deployment-dashboard 6
fortify-on-demand-uploader 6
ghprb 6
gitlab-oauth 6
gitlab-plugin 6
pipeline-maven 6
repository-connector 6
aws-codecommit-trigger 5
codedx 5
credentials 5
delphix 5
extended-choice-parameter 5
Quick Filters