Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / org.jenkins-ci.plugins

org.jenkins-ci.plugins

1,024 tracked vulnerabilities.

CVE-2017-1000109 MEDIUM

OWASP Dependency-Check Plugin - XSS

CVE-2017-1000108 HIGH

Pipeline: Input Step Plugin - Info Disclosure

CVE-2017-1000107 HIGH

Script Security Plugin - Code Injection

CVE-2017-1000104 MEDIUM

Config File Provider Plugin < 2.16.1 - Unauthenticated Sensitive File Access

CVE-2017-1000095 MEDIUM

Jenkins Script Security < 1.29.1 - Sandbox Bypass via DefaultGroovyMethods Whitelist

CVE-2017-1000094 MEDIUM

Docker Commons Plugin - Info Disclosure

CVE-2017-1000093 HIGH

Poll SCM Plugin < 1.3.1 - Cross-Site Request Forgery via API

CVE-2017-1000092 HIGH

Jenkins Git Plugin - Cross-Site Request Forgery via Form Validation

CVE-2017-1000091 MEDIUM

GitHub Branch Source Plugin - Cross-Site Request Forgery via Form Validation

CVE-2017-1000090 HIGH

Role-based Authorization Strategy Plugin - CSRF

CVE-2017-1000089 MEDIUM

Jenkins Pipeline < 2.5 and pipeline-build-step < 2.5.1 - Unauthenticated Arbitrary Project Triggering

CVE-2017-1000088 MEDIUM

Sidebar Link Plugin < 1.8 - Stored Cross-Site Scripting via Sidebar Link Configuration

CVE-2017-1000087 MEDIUM

GitHub Branch Source - Info Disclosure

CVE-2017-1000086 HIGH

Periodic Backup Plugin - Privilege Escalation & CSRF

CVE-2017-1000085 MEDIUM

Subversion Plugin - Info Disclosure

CVE-2017-1000084 MEDIUM

Jenkins Parameterized Trigger Plugin - Unauthenticated Arbitrary Project Triggering

CVE-2016-3102 HIGH

Jenkins Script Security Plugin < 1.18.1 - Sandbox Bypass via Direct Field Access or Array Operations

CVE-2016-3101 MEDIUM

Jenkins Extra Columns < 1.17 - Cross-Site Scripting via Unfiltered Tooltip Markup

CVE-2015-5298 MEDIUM

Google Login Plugin <1.2 - Auth Bypass

Jenkins Subversion Plugin < 1.54 - Credential Disclosure via Base64-Encoded Storage

Jenkins Plugin for SonarQube <= 3.7 - Authenticated Cleartext Password Exposure via sonar.sonarPassword Parameter

Jenkins Exclusion Plugin < 0.9 - Authenticated Resource Lock Bypass

CVE-2012-4441 MEDIUM

Jenkins < 1.482 and LTS < 1.466.2 - Cross-Site Scripting in CI Game Plugin

CVE-2012-4440 MEDIUM

Jenkins < 1.482 and LTS < 1.466.2 - Cross-Site Scripting in Violations Plugin

Previous Page 41 of 41

Products

script-security 35 git 13 email-ext 11 active-directory 9 config-file-provider 9 electricflow 9 ec2 8 oic-auth 8 subversion 8 artifactory 7 credentials-binding 7 htmlpublisher 7 jobConfigHistory 7 mercurial 7 openshift-deployer 7 rundeck 7 azure-ad 6 azure-vm-agents 6 ec2-deployment-dashboard 6 fortify-on-demand-uploader 6 ghprb 6 gitlab-oauth 6 gitlab-plugin 6 pipeline-maven 6 repository-connector 6 aws-codecommit-trigger 5 codedx 5 credentials 5 delphix 5 extended-choice-parameter 5

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy