org.jenkins-ci.plugins
1,035 tracked vulnerabilities.
CVE-2024-47805
HIGH
Jenkins Credentials Plugin <1380.va - Info Disclosure
Oct 02, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-39460
MEDIUM
Jenkins Bitbucket Branch Source Plugin <= 886.v44cf5e4ecec5 - Sensitive Information Exposure in Build Log
Jun 26, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-39459
MEDIUM
Jenkins Plain Credentials Plugin <182.v468b_97b_9dcb_8 - Info Discl...
Jun 26, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-39458
LOW
Jenkins Structs < 337.v1b_04ea_4df7c8 - Sensitive Information Exposure in Build Step Error Logs
Jun 26, 2024
CVSS 3.1
EPSS 0.00
CVE-2024-5273
MEDIUM
Jenkins Report Info Plugin < 1.2 - Path Traversal via Workspace Directory
May 24, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-34148
MEDIUM
Jenkins Subversion Partial Release Manager Plugin <1.0.1 - RCE
May 02, 2024
CVSS 6.8
EPSS 0.01
CVE-2024-34147
MEDIUM
Jenkins Telegram Bot Plugin <1.4.0 - Info Disclosure
May 02, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-34146
MEDIUM
Jenkins Git server Plugin <114.v068a_c7cc2574 - Privilege Escalation
May 02, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-34145
HIGH
Jenkins Script Security Plugin <1335.vf07d9ce377a_e - RCE
May 02, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-34144
CRITICAL
Jenkins Script Security Plugin <=1335.vf07d9ce377a_e - Sandbox Bypass
May 02, 2024
CVSS 9.8
EPSS 0.48
CVE-2024-2216
HIGH
Jenkins docker-build-step Plugin <2.11 - Privilege Escalation
Mar 06, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-2215
MEDIUM
Jenkins docker-build-step Plugin <2.11 - CSRF
Mar 06, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-28162
MEDIUM
Jenkins Delphix Plugin 3.0.1-3.1.0 - Improper Certificate Validation in Data Control Tower Connections
Mar 06, 2024
CVSS 4.2
EPSS 0.00
CVE-2024-28161
MEDIUM
Jenkins Delphix Plugin 3.0.1 - Improper Certificate Validation
Mar 06, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-28160
HIGH
Jenkins iceScrum Plugin < 1.1.6 - Stored Cross-Site Scripting via Project URL
Mar 06, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-28159
MEDIUM
Jenkins Subversion Partial Release Manager Plugin <= 1.0.1 - Missing Authorization
Mar 06, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-28158
MEDIUM
Jenkins Subversion Partial Release Manager Plugin < 1.0.1 - Cross-Site Request Forgery
Mar 06, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-28157
HIGH
Jenkins GitBucket Plugin <= 0.8 - Stored Cross-Site Scripting in Build Views
Mar 06, 2024
CVSS 8.0
EPSS 0.01
CVE-2024-28156
MEDIUM
Jenkins Build Monitor View Plugin < 1.14-860.vd06ef2568b_3f - Stored Cross-Site Scripting via Unescaped View Names
Mar 06, 2024
CVSS 5.4
EPSS 0.80
CVE-2024-28153
MEDIUM
Jenkins OWASP Dependency-Check Plugin < 5.4.6 - Stored Cross-Site Scripting via Unescaped Vulnerability Metadata
Mar 06, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-28152
MEDIUM
Jenkins Bitbucket Branch Source Plugin <866.vdea_7dcd3008e - Info D...
Mar 06, 2024
CVSS 6.3
EPSS 0.01
CVE-2024-28151
MEDIUM
Jenkins HTML Publisher Plugin <= 1.32 - Path Traversal via Symbolic Link Handling
Mar 06, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-28150
MEDIUM
Jenkins HTML Publisher Plugin < 1.32.1 - Stored Cross-Site Scripting via Job Names and Report Titles
Mar 06, 2024
CVSS 4.7
EPSS 0.01
CVE-2024-28149
MEDIUM
Jenkins HTML Publisher Plugin 1.16-1.32 - Cross-Site Scripting via Improper Input Sanitization
Mar 06, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-23904
HIGH
Jenkins Log Command Plugin < 1.0.2 - Unauthenticated Arbitrary File Read via Command Parser
Jan 24, 2024
CVSS 7.5
EPSS 0.01
Products
script-security 35
git 13
email-ext 12
active-directory 11
config-file-provider 9
electricflow 9
credentials-binding 8
ec2 8
oic-auth 8
subversion 8
artifactory 7
htmlpublisher 7
jobConfigHistory 7
mercurial 7
openshift-deployer 7
rundeck 7
azure-ad 6
azure-vm-agents 6
ec2-deployment-dashboard 6
fortify-on-demand-uploader 6
ghprb 6
gitlab-oauth 6
gitlab-plugin 6
pipeline-maven 6
repository-connector 6
aws-codecommit-trigger 5
codedx 5
credentials 5
delphix 5
extended-choice-parameter 5
Quick Filters