org.jenkins-ci.plugins
1,035 tracked vulnerabilities.
CVE-2024-23900
MEDIUM
Jenkins Matrix Project Plugin <822.v01b_8c85d16d2 - Privilege Escal...
Jan 24, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-23899
MEDIUM
Jenkins Git Server Plugin < 99.va_0826a_b_cdfa_d - Arbitrary File Read via Command Parser
Jan 24, 2024
CVSS 6.5
EPSS 0.01
CVE-2023-50775
MEDIUM
Jenkins Deployment Dashboard Plugin < 1.0.10 - Cross-Site Request Forgery
Dec 13, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-50774
HIGH
Jenkins HTMLResource Plugin 1.02 - Cross-Site Request Forgery
Dec 13, 2023
CVSS 8.1
EPSS 0.00
CVE-2023-50771
MEDIUM
Jenkins OpenId Connect Authentication Plugin < 2.6 - Open Redirect via Login Redirect URL
Dec 13, 2023
CVSS 6.1
EPSS 0.01
CVE-2023-50770
MEDIUM
Jenkins OpenId Connect Authentication Plugin < 2.6 - Insufficiently Protected Credentials
Dec 13, 2023
CVSS 6.7
EPSS 0.00
CVE-2023-50765
MEDIUM
Jenkins Scriptler Plugin < 342.v6a_89fd40f466 - Unauthorized Groovy Script Content Read via Script ID
Dec 13, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-50764
HIGH
Jenkins Scriptler Plugin <342.v6a_89fd40f466 - File Deletion
Dec 13, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-49656
CRITICAL
Jenkins MATLAB Plugin < 2.11.1 - XML External Entity Injection
Nov 29, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-49655
HIGH
Jenkins MATLAB Plugin < 2.11.1 - Cross-Site Request Forgery
Nov 29, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-49654
CRITICAL
Jenkins MATLAB Plugin < 2.11.1 - Unauthenticated XML File Parsing via Missing Permission Checks
Nov 29, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-49653
MEDIUM
Jenkins Jira Plugin < 3.11 - Insufficiently Protected Credentials
Nov 29, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-49652
LOW
Jenkins Google Compute Engine Plugin < 4.3.17.1 - Missing Authorization for Credential Enumeration
Nov 29, 2023
CVSS 2.7
EPSS 0.01
CVE-2023-46660
MEDIUM
Jenkins Zanata Plugin <0.6 - Info Disclosure
Oct 25, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-46659
MEDIUM
Jenkins Edgewall Trac Plugin <1.13 - XSS
Oct 25, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-46657
MEDIUM
Jenkins Gogs Plugin <1.0.15 - Info Disclosure
Oct 25, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-46655
MEDIUM
Jenkins CloudBees CD Plugin <1.1.32 - Path Traversal
Oct 25, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-46654
HIGH
Jenkins CloudBees CD Plugin <1.1.32 - Privilege Escalation
Oct 25, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-46653
MEDIUM
Jenkins lambdatest-automation <1.20.10 - Info Disclosure
Oct 25, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-46652
MEDIUM
Jenkins lambdatest-automation <1.20.9 - Info Disclosure
Oct 25, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-41945
HIGH
Jenkins Assembla Auth Plugin < 1.14 - Missing Authorization
Sep 06, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-41944
MEDIUM
Jenkins AWS CodeCommit Trigger Plugin <= 3.0.12 - HTML Injection via Queue Name Parameter
Sep 06, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-41943
MEDIUM
Jenkins AWS CodeCommit Trigger Plugin < 3.0.12 - Missing Authorization in HTTP Endpoint
Sep 06, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-41942
MEDIUM
Jenkins AWS CodeCommit Trigger Plugin < 3.0.12 - Cross-Site Request Forgery
Sep 06, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-41941
MEDIUM
Jenkins AWS CodeCommit Trigger Plugin < 3.0.12 - Missing Authorization for Credential ID Enumeration
Sep 06, 2023
CVSS 4.3
EPSS 0.00
Products
script-security 35
git 13
email-ext 12
active-directory 11
config-file-provider 9
electricflow 9
credentials-binding 8
ec2 8
oic-auth 8
subversion 8
artifactory 7
htmlpublisher 7
jobConfigHistory 7
mercurial 7
openshift-deployer 7
rundeck 7
azure-ad 6
azure-vm-agents 6
ec2-deployment-dashboard 6
fortify-on-demand-uploader 6
ghprb 6
gitlab-oauth 6
gitlab-plugin 6
pipeline-maven 6
repository-connector 6
aws-codecommit-trigger 5
codedx 5
credentials 5
delphix 5
extended-choice-parameter 5
Quick Filters