org.jenkins-ci.plugins

1,035 tracked vulnerabilities.

CVE-2023-39156 MEDIUM
Jenkins Bazaar Plugin < 1.22 - Cross-Site Request Forgery via SCM Tag Deletion
Jul 26, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-39155 MEDIUM
Jenkins Chef Identity Plugin <2.0.3 - Info Disclosure
Jul 26, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-39153 MEDIUM
Jenkins GitLab Auth Plugin <1.17.1 - CSRF
Jul 26, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-39152 MEDIUM
Jenkins Gradle Plugin 2.8 - Info Disclosure
Jul 26, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-32263 LOW
Micro Focus Dimensions CM Plugin for Jenkins - Info Disclosure
Jul 19, 2023
CVSS 2.6
EPSS 0.00
CVE-2023-32262 MEDIUM
Micro Focus Dimensions CM Plugin - Privilege Escalation
Jul 19, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-32261 MEDIUM
Micro Focus Dimensions CM Plugin for Jenkins < 0.9.3.1 - Credential ID Enumeration via Overall/Read Permission
Jul 19, 2023
CVSS 4.2
EPSS 0.01
CVE-2023-37965 HIGH
Jenkins ElasticBox CI Plugin < 5.0.1 - Missing Authorization
Jul 12, 2023
CVSS 7.1
EPSS 0.01
CVE-2023-37964 HIGH
Jenkins ElasticBox CI Plugin < 5.0.1 - Cross-Site Request Forgery
Jul 12, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-37961 HIGH
Jenkins Assembla Auth Plugin < 1.14 - Cross-Site Request Forgery
Jul 12, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-37959 MEDIUM
Jenkins Sumologic Publisher Plugin < 2.2.1 - Missing Authorization
Jul 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-37958 HIGH
Jenkins Sumologic Publisher Plugin < 2.2.1 - Cross-Site Request Forgery
Jul 12, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-37956 MEDIUM
Jenkins Test Results Aggregator Plugin < 1.2.13 - Server-Side Request Forgery via Unauthorized URL Connection
Jul 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-37955 MEDIUM
Jenkins Test Results Aggregator < 1.2.13 - Cross-Site Request Forgery
Jul 12, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-37948 LOW
Jenkins Oracle Cloud Infrastructure Compute Plugin < 1.0.17 - Man-in-the-Middle via Unvalidated SSH Host Keys
Jul 12, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-37943 MEDIUM
Jenkins Active Directory Plugin < 2.30 - Unauthenticated Sensitive Data Exposure via Unencrypted Connection Test
Jul 12, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-37942 MEDIUM
Jenkins External Monitor Job Type Plugin < 206.v9a_94ff0b_4a_10 - XML External Entity Injection
Jul 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-3315 MEDIUM
Jenkins Team Concert Plugin <2.4.1 - Info Disclosure
Jun 19, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-35149 MEDIUM
Jenkins Digital.ai App Management Publisher Plugin < 2.6 - Missing Authorization
Jun 14, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-35148 MEDIUM
Jenkins Digital.ai App Management Publisher < 2.6 - Cross-Site Request Forgery
Jun 14, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-35147 MEDIUM
Jenkins AWS CodeCommit Trigger Plugin <= 3.0.12 - Arbitrary File Read via SQS Queue Name Path Parameter
Jun 14, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-35145 MEDIUM
Jenkins Sonargraph Integration Plugin < 5.0.1 - Stored Cross-Site Scripting in Log File Field Form Validation
Jun 14, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-2631 MEDIUM
Jenkins Code Dx Plugin <3.1.0 - SSRF
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-2195 MEDIUM
Jenkins Code Dx Plugin <3.1.0 - CSRF
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-2633 MEDIUM
Jenkins Code Dx Plugin <3.1.0 - Info Disclosure
May 16, 2023
CVSS 4.3
EPSS 0.00