org.jenkins-ci.plugins

1,024 tracked vulnerabilities.

CVE-2019-1003028 MEDIUM
Jenkins JMS Messaging Plugin <1.1.1 - SSRF
Feb 20, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-1003026 MEDIUM
Jenkins Mattermost Notification Plugin <2.6.2 - SSRF
Feb 20, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-1003025 HIGH
Jenkins Cloud Foundry Plugin <2.3.1 - Info Disclosure
Feb 20, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-1003024 HIGH
Jenkins Script Security Plugin <1.52 - RCE
Feb 20, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-1003021 MEDIUM
Jenkins OpenId Connect Authentication Plugin <1.4 - Info Disclosure
Feb 06, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-1003020 MEDIUM
Jenkins Kanboard Plugin <1.5.10 - SSRF
Feb 06, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-1003019 MEDIUM
Jenkins GitHub Auth Plug <0.29 - Privilege Escalation
Feb 06, 2019
CVSS 5.9
EPSS 0.00
CVE-2019-1003018 MEDIUM
Jenkins GitHub Auth Plug <0.29 - Info Disclosure
Feb 06, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-1003017 MEDIUM
Jenkins Job Import Plugin <3.0 - Privilege Escalation
Feb 06, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-1003016 HIGH
Jenkins Job Import Plugin <2.1 - Info Disclosure
Feb 06, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-1003015 CRITICAL
Jenkins Job Import Plugin <2.1 - RCE
Feb 06, 2019
CVSS 9.1
EPSS 0.00
CVE-2019-1003014 MEDIUM
Jenkins Config File Provider Plugin <3.4.1 - XSS
Feb 06, 2019
CVSS 4.8
EPSS 0.00
CVE-2019-1003011 HIGH
Jenkins Token Macro Plugin <2.5 - Info Disclosure & DoS
Feb 06, 2019
CVSS 8.1
EPSS 0.01
CVE-2019-1003010 MEDIUM
Jenkins Git Plugin < 3.9.1 - Cross-Site Request Forgery in GitTagAction
Feb 06, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-1003009 HIGH
Jenkins Active Directory Plugin <2.10 - RCE
Feb 06, 2019
CVSS 7.4
EPSS 0.00
CVE-2019-1003006 HIGH
Jenkins Groovy < 2.0 - Authenticated Remote Code Execution via StringScriptSource
Feb 06, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-1003005 HIGH
Jenkins Script Security Plugin <1.50 - RCE
Feb 06, 2019
CVSS 8.8
EPSS 0.74
CVE-2019-1003001 HIGH
Pipeline: Groovy Plugin <2.61 - RCE
Jan 22, 2019
CVSS 8.8
EPSS 0.94
CVE-2019-1003000 HIGH NUCLEI
Jenkins Script Security Plugin < 1.50 - Sandbox Bypass Remote Code Execution
Jan 22, 2019
CVSS 8.8
EPSS 0.94
CVE-2018-1000425 HIGH
Jenkins SonarQube Scanner Plugin <2.8 - Info Disclosure
Jan 09, 2019
CVSS 7.8
EPSS 0.00
CVE-2018-1000424 HIGH
Jenkins Artifactory Plugin <2.16.1 - Info Disclosure
Jan 09, 2019
CVSS 7.8
EPSS 0.00
CVE-2018-1000423 HIGH
Jenkins Crowd <2.0.0 - Info Disclosure
Jan 09, 2019
CVSS 7.8
EPSS 0.00
CVE-2018-1000422 MEDIUM
Jenkins Crowd 2 Integration Plugin < 2.0.0 - Server-Side Request Forgery via Connection Test
Jan 09, 2019
CVSS 6.5
EPSS 0.00
CVE-2018-1000421 MEDIUM
Jenkins Mesos Plugin <0.17.1 - Auth Bypass
Jan 09, 2019
CVSS 6.5
EPSS 0.00
CVE-2018-1000420 MEDIUM
Jenkins Mesos Plugin <0.17.1 - Auth Bypass
Jan 09, 2019
CVSS 6.5
EPSS 0.00
Products
script-security 35 git 13 email-ext 11 active-directory 9 config-file-provider 9 electricflow 9 ec2 8 oic-auth 8 subversion 8 artifactory 7 credentials-binding 7 htmlpublisher 7 jobConfigHistory 7 mercurial 7 openshift-deployer 7 rundeck 7 azure-ad 6 azure-vm-agents 6 ec2-deployment-dashboard 6 fortify-on-demand-uploader 6 ghprb 6 gitlab-oauth 6 gitlab-plugin 6 pipeline-maven 6 repository-connector 6 aws-codecommit-trigger 5 codedx 5 credentials 5 delphix 5 extended-choice-parameter 5
Quick Filters
Critical CVEs With Exploits In CISA KEV