org.jenkins-ci.plugins

1,035 tracked vulnerabilities.

CVE-2023-41939 HIGH
Jenkins SSH2 Easy Plugin <1.4 - Privilege Escalation
Sep 06, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-41938 MEDIUM
Jenkins Ivy Plugin < 2.5 - Cross-Site Request Forgery
Sep 06, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-41936 HIGH
Jenkins Google Login Plugin <1.7 - Info Disclosure
Sep 06, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-41935 HIGH
Jenkins Azure AD Plugin < 396.v86ce29279947 - Non-Constant Time Comparison in CSRF Nonce Check
Sep 06, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-41934 MEDIUM
Jenkins Pipeline Maven Integration Plugin < 1330.v18e473854496 - Sensitive Information Exposure in Build Logs
Sep 06, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-41933 HIGH
Jenkins Job Configuration History Plugin < 1229.v3039470161a_d - XML External Entity Injection
Sep 06, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-41932 MEDIUM
Jenkins Job Configuration History Plugin < 1227.v7a_79fc4dc01f - Directory Deletion via Timestamp Query Parameter
Sep 06, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-41931 MEDIUM
Jenkins Job Configuration History Plugin < 1227.v7a_79fc4dc01f - Stored Cross-Site Scripting in History View Timestamp
Sep 06, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-41930 MEDIUM
Jenkins Job Configuration History Plugin < 1227.v7a_79fc4dc01f - Path Traversal via Name Query Parameter
Sep 06, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-4303 MEDIUM
Jenkins Fortify Plugin <22.1.38 - XSS
Aug 21, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-4302 MEDIUM
Jenkins Fortify Plugin <22.1.38 - Open Redirect
Aug 21, 2023
CVSS 4.2
EPSS 0.00
CVE-2023-4301 MEDIUM
Jenkins Fortify Plugin <22.1.38 - CSRF
Aug 21, 2023
CVSS 4.2
EPSS 0.00
CVE-2023-40351 MEDIUM
Jenkins Favorite View Plugin < 5.v77a_37f62782d - Cross-Site Request Forgery
Aug 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-40350 MEDIUM
Jenkins Docker Swarm Plugin < 1.11 - Stored Cross-Site Scripting via Docker Response Handling
Aug 16, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-40349 MEDIUM
Jenkins Gogs Plugin < 1.0.15 - Unauthenticated Build Trigger via Improper Webhook Initialization
Aug 16, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-40348 MEDIUM
Jenkins Gogs Plugin < 1.0.15 - Unauthenticated Job Existence Exposure via Webhook Endpoint
Aug 16, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-40347 MEDIUM
Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin < 1.14 - Insufficiently Protected Credentials
Aug 16, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-40345 MEDIUM
Jenkins Delphix Plugin < 3.0.2 - Insufficiently Protected Credentials via Credentials Lookup
Aug 16, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-40344 MEDIUM
Jenkins Delphix Plugin < 3.0.2 - Credential ID Enumeration via Missing Permission Check
Aug 16, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-40342 MEDIUM
Jenkins Flaky Test Handler Plugin < 1.2.2 - Stored Cross-Site Scripting via JUnit Test Contents
Aug 16, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-40340 HIGH
Jenkins NodeJS Plugin <1.6.0 - Info Disclosure
Aug 16, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-40339 HIGH
Jenkins Config File Provider Plugin <va_544a_6234b_46 - Info Disclo...
Aug 16, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-40338 MEDIUM
Jenkins Folders Plugin < 6.846.v23698686f0f6 - Information Exposure via Scan Organization Folder Log Error Message
Aug 16, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-40337 MEDIUM
Jenkins Folders Plugin < 6.846.v23698686f0f6 - Cross-Site Request Forgery
Aug 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-40336 HIGH
Jenkins Folders Plugin < 6.846.v23698686f0f6 - Cross-Site Request Forgery
Aug 16, 2023
CVSS 8.8
EPSS 0.00