org.jenkins-ci.plugins

1,035 tracked vulnerabilities.

CVE-2019-10327 HIGH
Jenkins Pipeline Maven Integration Plugin < 1.7.0 - XML External Entity Injection via Malicious XML File
May 31, 2019
CVSS 8.1
EPSS 0.01
CVE-2019-10324 MEDIUM
Jenkins Artifactory Plugin < 3.2.3 - Cross-Site Request Forgery in Release and Staging Actions
May 31, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10323 MEDIUM
Jenkins Artifactory Plugin <= 3.2.3 - Missing Authorization in fillCredentialsIdItems Methods
May 31, 2019
CVSS 4.3
EPSS 0.02
CVE-2019-10322 MEDIUM
Jenkins Artifactory Plugin <= 3.2.2 - Missing Authorization in Test Connection Feature
May 31, 2019
CVSS 4.3
EPSS 0.02
CVE-2019-10321 MEDIUM
Jenkins Artifactory Plugin <= 3.2.2 - Cross-Site Request Forgery via Test Connection
May 31, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10320 MEDIUM
Jenkins Credentials Plugin <2.1.18 - Info Disclosure
May 21, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10318 HIGH
Jenkins Azure AD Plugin <= 0.3.3 - Insufficiently Protected Credentials in Global Configuration
Apr 30, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10316 HIGH
Jenkins Aqua MicroScanner Plugin <= 1.0.5 - Insufficiently Protected Credentials
Apr 30, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10315 HIGH
Jenkins GitHub Authentication Plugin < 0.31 - Cross-Site Request Forgery via OAuth State Parameter
Apr 30, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10314 MEDIUM
Jenkins Koji Plugin < 0.3 - Improper Certificate Validation
Apr 30, 2019
CVSS 5.9
EPSS 0.01
CVE-2019-10313 HIGH
Jenkins Twitter Plugin < 0.7 - Insufficiently Protected Credentials
Apr 30, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10312 MEDIUM
Jenkins Ansible Tower Plugin <= 0.9.1 - Missing Authorization in TowerInstallation Descriptor
Apr 30, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10311 HIGH
Jenkins Ansible Tower Plugin < 0.9.1 - Missing Authorization in TowerInstallation Connection Test
Apr 30, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10310 HIGH
Jenkins Ansible Tower Plugin < 0.9.1 - Cross-Site Request Forgery via TowerInstallation Connection Test
Apr 30, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10309 CRITICAL
Jenkins Self-Organizing Swarm Modules Plugin - XML External Entity Injection via UDP Broadcast Response
Apr 30, 2019
CVSS 9.3
EPSS 0.02
CVE-2019-10306 CRITICAL
Jenkins ontrack < 3.4 - Sandbox Bypass via DSL Definition
Apr 18, 2019
CVSS 9.9
EPSS 0.02
CVE-2019-10303 HIGH
Jenkins Azure PublisherSettings Credentials Plugin < 1.2 - Insufficiently Protected Credentials
Apr 18, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10302 HIGH
Jenkins jira-ext < 0.8 - Insufficiently Protected Credentials
Apr 18, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10301 HIGH
Jenkins GitLab Plugin < 1.5.11 - Missing Authorization in Connection Test
Apr 18, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-10300 HIGH
Jenkins GitLab Plugin < 1.5.11 - Cross-Site Request Forgery via Test Connection Form
Apr 18, 2019
CVSS 8.0
EPSS 0.01
CVE-2019-10298 HIGH
Jenkins Koji Plugin - Insufficiently Protected Credentials
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10297 HIGH
Jenkins Sametime Plugin - Insufficiently Protected Credentials
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10295 HIGH
Jenkins crittercism-dsym Plugin - Insufficiently Protected Credentials in config.xml
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10294 HIGH
Jenkins Kmap Plugin - Insufficiently Protected Credentials in Job config.xml
Apr 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-10293 MEDIUM
Jenkins Kmap Plugin - Missing Authorization in Form Validation Methods
Apr 04, 2019
CVSS 6.5
EPSS 0.01