org.jenkins-ci.plugins

1,024 tracked vulnerabilities.

CVE-2019-10312 MEDIUM
Jenkins Ansible Tower Plugin <= 0.9.1 - Missing Authorization in TowerInstallation Descriptor
Apr 30, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-10311 HIGH
Jenkins Ansible Tower Plugin < 0.9.1 - Missing Authorization in TowerInstallation Connection Test
Apr 30, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10310 HIGH
Jenkins Ansible Tower Plugin < 0.9.1 - Cross-Site Request Forgery via TowerInstallation Connection Test
Apr 30, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10309 CRITICAL
Jenkins Self-Organizing Swarm Modules Plugin - XML External Entity Injection via UDP Broadcast Response
Apr 30, 2019
CVSS 9.3
EPSS 0.00
CVE-2019-10306 CRITICAL
Jenkins ontrack < 3.4 - Sandbox Bypass via DSL Definition
Apr 18, 2019
CVSS 9.9
EPSS 0.00
CVE-2019-10303 HIGH
Jenkins Azure PublisherSettings Credentials Plugin < 1.2 - Insufficiently Protected Credentials
Apr 18, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10302 HIGH
Jenkins jira-ext < 0.8 - Insufficiently Protected Credentials
Apr 18, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10301 HIGH
Jenkins GitLab Plugin < 1.5.11 - Missing Authorization in Connection Test
Apr 18, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10300 HIGH
Jenkins GitLab Plugin < 1.5.11 - Cross-Site Request Forgery via Test Connection Form
Apr 18, 2019
CVSS 8.0
EPSS 0.00
CVE-2019-10298 HIGH
Jenkins Koji Plugin - Insufficiently Protected Credentials
Apr 04, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10297 HIGH
Jenkins Sametime Plugin - Insufficiently Protected Credentials
Apr 04, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10295 HIGH
Jenkins crittercism-dsym Plugin - Insufficiently Protected Credentials in config.xml
Apr 04, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10294 HIGH
Jenkins Kmap Plugin - Insufficiently Protected Credentials in Job config.xml
Apr 04, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10293 MEDIUM
Jenkins Kmap Plugin - Missing Authorization in Form Validation Methods
Apr 04, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10292 MEDIUM
Jenkins Kmap Plugin - Cross-Site Request Forgery via Form Validation
Apr 04, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10291 HIGH
Jenkins Netsparker Cloud Scan Plugin < 1.1.5 - Insufficiently Protected Credentials
Apr 04, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10290 MEDIUM
Jenkins Netsparker Cloud Scan Plugin < 1.1.5 - Missing Authorization in NCScanBuilder Descriptor Validation
Apr 04, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10289 MEDIUM
Jenkins Netsparker Cloud Scan < 1.1.5 - Cross-Site Request Forgery via API Validation Method
Apr 04, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10287 HIGH
Jenkins youtrack-plugin < 0.7.1 - Insufficiently Protected Credentials
Apr 04, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10285 HIGH
Jenkins Minio Storage Plugin - Insufficiently Protected Credentials
Apr 04, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10284 HIGH
Jenkins Diawi Upload Plugin - Insufficiently Protected Credentials in Job Configuration
Apr 04, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10281 HIGH
Jenkins Relution Enterprise Appstore Publisher Plugin - Insufficiently Protected Credentials
Apr 04, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10280 HIGH
Jenkins Assembla Auth Plugin < 1.13 - Insufficiently Protected Credentials in config.xml
Apr 04, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10279 MEDIUM
Jenkins Reviewbot Plugin - Missing Authorization in Test Connection Form Validation
Apr 04, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10278 MEDIUM
Jenkins Reviewbot Plugin - Cross-Site Request Forgery via Test Connection Form
Apr 04, 2019
CVSS 6.5
EPSS 0.00
Products
script-security 35 git 13 email-ext 11 active-directory 9 config-file-provider 9 electricflow 9 ec2 8 oic-auth 8 subversion 8 artifactory 7 credentials-binding 7 htmlpublisher 7 jobConfigHistory 7 mercurial 7 openshift-deployer 7 rundeck 7 azure-ad 6 azure-vm-agents 6 ec2-deployment-dashboard 6 fortify-on-demand-uploader 6 ghprb 6 gitlab-oauth 6 gitlab-plugin 6 pipeline-maven 6 repository-connector 6 aws-codecommit-trigger 5 codedx 5 credentials 5 delphix 5 extended-choice-parameter 5
Quick Filters
Critical CVEs With Exploits In CISA KEV