org.jenkins-ci.plugins

1,024 tracked vulnerabilities.

CVE-2023-37958 HIGH
Jenkins Sumologic Publisher Plugin < 2.2.1 - Cross-Site Request Forgery
Jul 12, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-37956 MEDIUM
Jenkins Test Results Aggregator Plugin < 1.2.13 - Server-Side Request Forgery via Unauthorized URL Connection
Jul 12, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-37955 MEDIUM
Jenkins Test Results Aggregator < 1.2.13 - Cross-Site Request Forgery
Jul 12, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-37948 LOW
Jenkins Oracle Cloud Infrastructure Compute Plugin < 1.0.17 - Man-in-the-Middle via Unvalidated SSH Host Keys
Jul 12, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-37943 MEDIUM
Jenkins Active Directory Plugin < 2.30 - Unauthenticated Sensitive Data Exposure via Unencrypted Connection Test
Jul 12, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-37942 MEDIUM
Jenkins External Monitor Job Type Plugin < 206.v9a_94ff0b_4a_10 - XML External Entity Injection
Jul 12, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-3315 MEDIUM
Jenkins Team Concert Plugin <2.4.1 - Info Disclosure
Jun 19, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-35149 MEDIUM
Jenkins Digital.ai App Management Publisher Plugin < 2.6 - Missing Authorization
Jun 14, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-35148 MEDIUM
Jenkins Digital.ai App Management Publisher < 2.6 - Cross-Site Request Forgery
Jun 14, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-35147 MEDIUM
Jenkins AWS CodeCommit Trigger Plugin <= 3.0.12 - Arbitrary File Read via SQS Queue Name Path Parameter
Jun 14, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-35145 MEDIUM
Jenkins Sonargraph Integration Plugin < 5.0.1 - Stored Cross-Site Scripting in Log File Field Form Validation
Jun 14, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-2631 MEDIUM
Jenkins Code Dx Plugin <3.1.0 - SSRF
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-2195 MEDIUM
Jenkins Code Dx Plugin <3.1.0 - CSRF
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-2633 MEDIUM
Jenkins Code Dx Plugin <3.1.0 - Info Disclosure
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-2632 MEDIUM
Jenkins Code Dx Plugin <3.1.0 - Info Disclosure
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-2196 MEDIUM
Jenkins Code Dx Plugin <3.1.0 - Info Disclosure
May 16, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-33007 MEDIUM
Jenkins LoadComplete support Plugin <= 1.0 - Stored Cross-Site Scripting in LoadComplete Test Name
May 16, 2023
CVSS 5.4
EPSS 0.17
CVE-2023-33006 MEDIUM
Jenkins WSO2 Oauth Plugin < 1.0 - Cross-Site Request Forgery
May 16, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-33005 MEDIUM
Jenkins WSO2 Oauth Plugin < 1.0 - Insufficient Session Expiration
May 16, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-33004 MEDIUM
Jenkins Tag Profiler Plugin < 0.2 - Unauthenticated Statistics Reset via Missing Permission Check
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-33003 MEDIUM
Jenkins Tag Profiler Plugin < 0.2 - Cross-Site Request Forgery
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-33002 MEDIUM
Jenkins TestComplete support Plugin < 2.8.1 - Stored Cross-Site Scripting via TestComplete Project Name
May 16, 2023
CVSS 5.4
EPSS 0.12
CVE-2023-32997 HIGH
Jenkins CAS Plugin <1.6.2 - Auth Bypass
May 16, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-32990 MEDIUM
Jenkins Azure VM Agents Plugin < 852.v8d35f0960a_43 - Missing Permission Check for Azure Cloud Server Connection
May 16, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-32989 HIGH
Jenkins Azure VM Agents Plugin < 852.v8d35f0960a_43 - Cross-Site Request Forgery
May 16, 2023
CVSS 8.8
EPSS 0.00
Products
script-security 35 git 13 email-ext 11 active-directory 9 config-file-provider 9 electricflow 9 ec2 8 oic-auth 8 subversion 8 artifactory 7 credentials-binding 7 htmlpublisher 7 jobConfigHistory 7 mercurial 7 openshift-deployer 7 rundeck 7 azure-ad 6 azure-vm-agents 6 ec2-deployment-dashboard 6 fortify-on-demand-uploader 6 ghprb 6 gitlab-oauth 6 gitlab-plugin 6 pipeline-maven 6 repository-connector 6 aws-codecommit-trigger 5 codedx 5 credentials 5 delphix 5 extended-choice-parameter 5
Quick Filters
Critical CVEs With Exploits In CISA KEV