org.jenkins-ci.plugins
1,035 tracked vulnerabilities.
CVE-2023-41939
HIGH
Jenkins SSH2 Easy Plugin <1.4 - Privilege Escalation
Sep 06, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-41938
MEDIUM
Jenkins Ivy Plugin < 2.5 - Cross-Site Request Forgery
Sep 06, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-41936
HIGH
Jenkins Google Login Plugin <1.7 - Info Disclosure
Sep 06, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-41935
HIGH
Jenkins Azure AD Plugin < 396.v86ce29279947 - Non-Constant Time Comparison in CSRF Nonce Check
Sep 06, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-41934
MEDIUM
Jenkins Pipeline Maven Integration Plugin < 1330.v18e473854496 - Sensitive Information Exposure in Build Logs
Sep 06, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-41933
HIGH
Jenkins Job Configuration History Plugin < 1229.v3039470161a_d - XML External Entity Injection
Sep 06, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-41932
MEDIUM
Jenkins Job Configuration History Plugin < 1227.v7a_79fc4dc01f - Directory Deletion via Timestamp Query Parameter
Sep 06, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-41931
MEDIUM
Jenkins Job Configuration History Plugin < 1227.v7a_79fc4dc01f - Stored Cross-Site Scripting in History View Timestamp
Sep 06, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-41930
MEDIUM
Jenkins Job Configuration History Plugin < 1227.v7a_79fc4dc01f - Path Traversal via Name Query Parameter
Sep 06, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-4303
MEDIUM
Jenkins Fortify Plugin <22.1.38 - XSS
Aug 21, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-4302
MEDIUM
Jenkins Fortify Plugin <22.1.38 - Open Redirect
Aug 21, 2023
CVSS 4.2
EPSS 0.00
CVE-2023-4301
MEDIUM
Jenkins Fortify Plugin <22.1.38 - CSRF
Aug 21, 2023
CVSS 4.2
EPSS 0.00
CVE-2023-40351
MEDIUM
Jenkins Favorite View Plugin < 5.v77a_37f62782d - Cross-Site Request Forgery
Aug 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-40350
MEDIUM
Jenkins Docker Swarm Plugin < 1.11 - Stored Cross-Site Scripting via Docker Response Handling
Aug 16, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-40349
MEDIUM
Jenkins Gogs Plugin < 1.0.15 - Unauthenticated Build Trigger via Improper Webhook Initialization
Aug 16, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-40348
MEDIUM
Jenkins Gogs Plugin < 1.0.15 - Unauthenticated Job Existence Exposure via Webhook Endpoint
Aug 16, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-40347
MEDIUM
Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin < 1.14 - Insufficiently Protected Credentials
Aug 16, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-40345
MEDIUM
Jenkins Delphix Plugin < 3.0.2 - Insufficiently Protected Credentials via Credentials Lookup
Aug 16, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-40344
MEDIUM
Jenkins Delphix Plugin < 3.0.2 - Credential ID Enumeration via Missing Permission Check
Aug 16, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-40342
MEDIUM
Jenkins Flaky Test Handler Plugin < 1.2.2 - Stored Cross-Site Scripting via JUnit Test Contents
Aug 16, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-40340
HIGH
Jenkins NodeJS Plugin <1.6.0 - Info Disclosure
Aug 16, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-40339
HIGH
Jenkins Config File Provider Plugin <va_544a_6234b_46 - Info Disclo...
Aug 16, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-40338
MEDIUM
Jenkins Folders Plugin < 6.846.v23698686f0f6 - Information Exposure via Scan Organization Folder Log Error Message
Aug 16, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-40337
MEDIUM
Jenkins Folders Plugin < 6.846.v23698686f0f6 - Cross-Site Request Forgery
Aug 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-40336
HIGH
Jenkins Folders Plugin < 6.846.v23698686f0f6 - Cross-Site Request Forgery
Aug 16, 2023
CVSS 8.8
EPSS 0.00
Products
script-security 35
git 13
email-ext 12
active-directory 11
config-file-provider 9
electricflow 9
credentials-binding 8
ec2 8
oic-auth 8
subversion 8
artifactory 7
htmlpublisher 7
jobConfigHistory 7
mercurial 7
openshift-deployer 7
rundeck 7
azure-ad 6
azure-vm-agents 6
ec2-deployment-dashboard 6
fortify-on-demand-uploader 6
ghprb 6
gitlab-oauth 6
gitlab-plugin 6
pipeline-maven 6
repository-connector 6
aws-codecommit-trigger 5
codedx 5
credentials 5
delphix 5
extended-choice-parameter 5
Quick Filters