org.jenkins-ci.plugins
1,035 tracked vulnerabilities.
CVE-2017-2651
LOW
Jenkins Mailer < 1.20 - Information Disclosure via Dynamic User List Feature
Jul 27, 2018
CVSS 3.7
EPSS 0.02
CVE-2017-1000402
MEDIUM
Jenkins Swarm Plugin Client <3.4 - Man-in-the-middle
Jan 26, 2018
CVSS 5.9
EPSS 0.00
CVE-2017-1000390
MEDIUM
Jenkins Multijob <1.25 - Privilege Escalation
Jan 26, 2018
CVSS 4.3
EPSS 0.01
CVE-2017-1000389
MEDIUM
Jenkins global-build-stats <1.4 - CSRF/XSS
Jan 26, 2018
CVSS 6.1
EPSS 0.01
CVE-2017-1000388
MEDIUM
Jenkins Dependency Graph Viewer <0.12 - Privilege Escalation
Jan 26, 2018
CVSS 4.3
EPSS 0.01
CVE-2017-1000387
HIGH
Jenkins Build-Publisher <1.21 - Info Disclosure
Jan 26, 2018
CVSS 7.8
EPSS 0.00
CVE-2017-1000505
MEDIUM
Jenkins Script Security Plugin <1.36 - Info Disclosure
Jan 25, 2018
CVSS 6.5
EPSS 0.01
CVE-2017-1000502
HIGH
Jenkins EC2 < 1.37 - Authenticated OS Command Injection via Agent Configuration
Jan 24, 2018
CVSS 8.8
EPSS 0.02
CVE-2017-1000245
CRITICAL
Jenkins SSH Plugin < 2.4 - Insufficiently Protected Credentials
Nov 01, 2017
CVSS 9.8
EPSS 0.01
CVE-2017-1000242
LOW
Jenkins Git Client Plugin <2.4.2 - Info Disclosure
Nov 01, 2017
CVSS 3.3
EPSS 0.00
CVE-2017-1000113
MEDIUM
Deploy to Container Plugin - Info Disclosure
Oct 05, 2017
CVSS 5.5
EPSS 0.00
CVE-2017-1000109
MEDIUM
OWASP Dependency-Check Plugin - XSS
Oct 05, 2017
CVSS 6.1
EPSS 0.01
CVE-2017-1000108
HIGH
Pipeline: Input Step Plugin - Info Disclosure
Oct 05, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-1000107
HIGH
Script Security Plugin - Code Injection
Oct 05, 2017
CVSS 8.8
EPSS 0.01
CVE-2017-1000104
MEDIUM
Config File Provider Plugin < 2.16.1 - Unauthenticated Sensitive File Access
Oct 05, 2017
CVSS 6.5
EPSS 0.01
CVE-2017-1000095
MEDIUM
Jenkins Script Security < 1.29.1 - Sandbox Bypass via DefaultGroovyMethods Whitelist
Oct 05, 2017
CVSS 6.5
EPSS 0.01
CVE-2017-1000094
MEDIUM
Docker Commons Plugin - Info Disclosure
Oct 05, 2017
CVSS 6.5
EPSS 0.01
CVE-2017-1000093
HIGH
Poll SCM Plugin < 1.3.1 - Cross-Site Request Forgery via API
Oct 05, 2017
CVSS 8.8
EPSS 0.01
CVE-2017-1000092
HIGH
Jenkins Git Plugin - Cross-Site Request Forgery via Form Validation
Oct 05, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-1000091
MEDIUM
GitHub Branch Source Plugin - Cross-Site Request Forgery via Form Validation
Oct 05, 2017
CVSS 6.3
EPSS 0.01
CVE-2017-1000090
HIGH
Role-based Authorization Strategy Plugin - CSRF
Oct 05, 2017
CVSS 8.8
EPSS 0.01
CVE-2017-1000089
MEDIUM
Jenkins Pipeline < 2.5 and pipeline-build-step < 2.5.1 - Unauthenticated Arbitrary Project Triggering
Oct 05, 2017
CVSS 5.3
EPSS 0.01
CVE-2017-1000088
MEDIUM
Sidebar Link Plugin < 1.8 - Stored Cross-Site Scripting via Sidebar Link Configuration
Oct 05, 2017
CVSS 5.4
EPSS 0.01
CVE-2017-1000087
MEDIUM
GitHub Branch Source - Info Disclosure
Oct 05, 2017
CVSS 4.3
EPSS 0.01
CVE-2017-1000086
HIGH
Periodic Backup Plugin - Privilege Escalation & CSRF
Oct 05, 2017
CVSS 8.0
EPSS 0.01
Products
script-security 35
git 13
email-ext 12
active-directory 11
config-file-provider 9
electricflow 9
credentials-binding 8
ec2 8
oic-auth 8
subversion 8
artifactory 7
htmlpublisher 7
jobConfigHistory 7
mercurial 7
openshift-deployer 7
rundeck 7
azure-ad 6
azure-vm-agents 6
ec2-deployment-dashboard 6
fortify-on-demand-uploader 6
ghprb 6
gitlab-oauth 6
gitlab-plugin 6
pipeline-maven 6
repository-connector 6
aws-codecommit-trigger 5
codedx 5
credentials 5
delphix 5
extended-choice-parameter 5
Quick Filters