org.jenkins-ci.plugins

1,024 tracked vulnerabilities.

CVE-2019-10440 HIGH
Jenkins NeoLoad Plugin < 2.2.5 - Cleartext Storage of Sensitive Information in Configuration Files
Oct 16, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10439 MEDIUM
Jenkins CRX Content Package Deployer Plugin < 1.8.1 - Credential ID Enumeration
Oct 16, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-10438 MEDIUM
Jenkins CRX Content Package Deployer < 1.8.1 - Missing Authorization for Credential Capture via URL Connection
Oct 16, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10437 HIGH
Jenkins CRX Content Package Deployer Plugin < 1.8.1 - Cross-Site Request Forgery
Oct 16, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10436 MEDIUM
Jenkins Google OAuth Credentials Plugin <0.9 - Info Disclosure
Oct 16, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10435 HIGH
Jenkins SourceGear Vault Plugin < 1.1.1 - Cleartext Transmission of Sensitive Credentials
Oct 01, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-10432 MEDIUM
Jenkins HTML Publisher Plugin < 1.20 - Stored Cross-Site Scripting via Project and Build Display Names
Oct 01, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-10431 CRITICAL
Jenkins Script Security Plugin < 1.64 - Sandbox Bypass via Default Parameter Expressions
Oct 01, 2019
CVSS 9.9
EPSS 0.00
CVE-2019-10429 MEDIUM
Jenkins GitLab Logo Plugin < 1.0.3 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10428 HIGH
Jenkins Aqua Security Scanner Plugin <= 3.0.17 - Cleartext Transmission of Sensitive Credentials
Sep 25, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-10427 MEDIUM
Jenkins Aqua MicroScanner < 1.0.7 - Cleartext Transmission of Sensitive Credentials
Sep 25, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-10425 MEDIUM
Jenkins Google Calendar Plugin < 0.4 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10421 MEDIUM
Jenkins Azure Event Grid Build Notifier Plugin < 0.1 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-10420 MEDIUM
Jenkins Assembla Plugin < 1.4 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10419 MEDIUM
Jenkins Vfabric Application Director < 1.3 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10416 MEDIUM
Jenkins Violation Comments TO Gitlab < 2.28 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10415 MEDIUM
Jenkins Violation Comments TO Gitlab < 2.28 - Insufficiently Protected Credentials
Sep 25, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10410 MEDIUM
Jenkins Log Parser Plugin < 2.0 - Cross-Site Scripting via Error Message
Sep 25, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-10400 MEDIUM
Jenkins Script Security Plugin <1.62 - RCE
Sep 12, 2019
CVSS 4.2
EPSS 0.00
CVE-2019-10399 MEDIUM
Jenkins Script Security Plugin <1.62 - RCE
Sep 12, 2019
CVSS 4.2
EPSS 0.00
CVE-2019-10398 MEDIUM
Jenkins Beaker Builder Plugin < 1.9 - Insufficiently Protected Credentials
Sep 12, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-10397 LOW
Jenkins Aqua Security Serverless Scanner < 1.0.4 - Cleartext Transmission of Sensitive Information
Sep 12, 2019
CVSS 3.1
EPSS 0.00
CVE-2019-10396 MEDIUM
Jenkins Dashboard View Plugin < 2.11 - Stored Cross-Site Scripting via Build Descriptions
Sep 12, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-10395 MEDIUM
Jenkins Build Environment Plugin < 1.6 - Cross-Site Scripting via Unescaped Variables
Sep 12, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-10394 MEDIUM
Jenkins Script Security Plugin <1.62 - RCE
Sep 12, 2019
CVSS 4.2
EPSS 0.00
Products
script-security 35 git 13 email-ext 11 active-directory 9 config-file-provider 9 electricflow 9 ec2 8 oic-auth 8 subversion 8 artifactory 7 credentials-binding 7 htmlpublisher 7 jobConfigHistory 7 mercurial 7 openshift-deployer 7 rundeck 7 azure-ad 6 azure-vm-agents 6 ec2-deployment-dashboard 6 fortify-on-demand-uploader 6 ghprb 6 gitlab-oauth 6 gitlab-plugin 6 pipeline-maven 6 repository-connector 6 aws-codecommit-trigger 5 codedx 5 credentials 5 delphix 5 extended-choice-parameter 5
Quick Filters
Critical CVEs With Exploits In CISA KEV