org.jenkins-ci.plugins
1,035 tracked vulnerabilities.
CVE-2019-10327
HIGH
Jenkins Pipeline Maven Integration Plugin < 1.7.0 - XML External Entity Injection via Malicious XML File
May 31, 2019
CVSS 8.1
EPSS 0.01
CVE-2019-10324
MEDIUM
Jenkins Artifactory Plugin < 3.2.3 - Cross-Site Request Forgery in Release and Staging Actions
May 31, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10323
MEDIUM
Jenkins Artifactory Plugin <= 3.2.3 - Missing Authorization in fillCredentialsIdItems Methods
May 31, 2019
CVSS 4.3
EPSS 0.02
CVE-2019-10322
MEDIUM
Jenkins Artifactory Plugin <= 3.2.2 - Missing Authorization in Test Connection Feature
May 31, 2019
CVSS 4.3
EPSS 0.02
CVE-2019-10321
MEDIUM
Jenkins Artifactory Plugin <= 3.2.2 - Cross-Site Request Forgery via Test Connection
May 31, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10320
MEDIUM
Jenkins Credentials Plugin <2.1.18 - Info Disclosure
May 21, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10318
HIGH
Jenkins Azure AD Plugin <= 0.3.3 - Insufficiently Protected Credentials in Global Configuration
Apr 30, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10316
HIGH
Jenkins Aqua MicroScanner Plugin <= 1.0.5 - Insufficiently Protected Credentials
Apr 30, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10315
HIGH
Jenkins GitHub Authentication Plugin < 0.31 - Cross-Site Request Forgery via OAuth State Parameter
Apr 30, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10314
MEDIUM
Jenkins Koji Plugin < 0.3 - Improper Certificate Validation
Apr 30, 2019
CVSS 5.9
EPSS 0.01
CVE-2019-10313
HIGH
Jenkins Twitter Plugin < 0.7 - Insufficiently Protected Credentials
Apr 30, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10312
MEDIUM
Jenkins Ansible Tower Plugin <= 0.9.1 - Missing Authorization in TowerInstallation Descriptor
Apr 30, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10311
HIGH
Jenkins Ansible Tower Plugin < 0.9.1 - Missing Authorization in TowerInstallation Connection Test
Apr 30, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10310
HIGH
Jenkins Ansible Tower Plugin < 0.9.1 - Cross-Site Request Forgery via TowerInstallation Connection Test
Apr 30, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10309
CRITICAL
Jenkins Self-Organizing Swarm Modules Plugin - XML External Entity Injection via UDP Broadcast Response
Apr 30, 2019
CVSS 9.3
EPSS 0.02
CVE-2019-10306
CRITICAL
Jenkins ontrack < 3.4 - Sandbox Bypass via DSL Definition
Apr 18, 2019
CVSS 9.9
EPSS 0.02
CVE-2019-10303
HIGH
Jenkins Azure PublisherSettings Credentials Plugin < 1.2 - Insufficiently Protected Credentials
Apr 18, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10302
HIGH
Jenkins jira-ext < 0.8 - Insufficiently Protected Credentials
Apr 18, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10301
HIGH
Jenkins GitLab Plugin < 1.5.11 - Missing Authorization in Connection Test
Apr 18, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10300
HIGH
Jenkins GitLab Plugin < 1.5.11 - Cross-Site Request Forgery via Test Connection Form
Apr 18, 2019
CVSS 8.0
EPSS 0.01
CVE-2019-10298
HIGH
Jenkins Koji Plugin - Insufficiently Protected Credentials
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10297
HIGH
Jenkins Sametime Plugin - Insufficiently Protected Credentials
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10295
HIGH
Jenkins crittercism-dsym Plugin - Insufficiently Protected Credentials in config.xml
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10294
HIGH
Jenkins Kmap Plugin - Insufficiently Protected Credentials in Job config.xml
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10293
MEDIUM
Jenkins Kmap Plugin - Missing Authorization in Form Validation Methods
Apr 04, 2019
CVSS 6.5
EPSS 0.01
Products
script-security 35
git 13
email-ext 12
active-directory 11
config-file-provider 9
electricflow 9
credentials-binding 8
ec2 8
oic-auth 8
subversion 8
artifactory 7
htmlpublisher 7
jobConfigHistory 7
mercurial 7
openshift-deployer 7
rundeck 7
azure-ad 6
azure-vm-agents 6
ec2-deployment-dashboard 6
fortify-on-demand-uploader 6
ghprb 6
gitlab-oauth 6
gitlab-plugin 6
pipeline-maven 6
repository-connector 6
aws-codecommit-trigger 5
codedx 5
credentials 5
delphix 5
extended-choice-parameter 5
Quick Filters