org.jenkins-ci.plugins
1,035 tracked vulnerabilities.
CVE-2023-39156
MEDIUM
Jenkins Bazaar Plugin < 1.22 - Cross-Site Request Forgery via SCM Tag Deletion
Jul 26, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-39155
MEDIUM
Jenkins Chef Identity Plugin <2.0.3 - Info Disclosure
Jul 26, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-39153
MEDIUM
Jenkins GitLab Auth Plugin <1.17.1 - CSRF
Jul 26, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-39152
MEDIUM
Jenkins Gradle Plugin 2.8 - Info Disclosure
Jul 26, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-32263
LOW
Micro Focus Dimensions CM Plugin for Jenkins - Info Disclosure
Jul 19, 2023
CVSS 2.6
EPSS 0.00
CVE-2023-32262
MEDIUM
Micro Focus Dimensions CM Plugin - Privilege Escalation
Jul 19, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-32261
MEDIUM
Micro Focus Dimensions CM Plugin for Jenkins < 0.9.3.1 - Credential ID Enumeration via Overall/Read Permission
Jul 19, 2023
CVSS 4.2
EPSS 0.01
CVE-2023-37965
HIGH
Jenkins ElasticBox CI Plugin < 5.0.1 - Missing Authorization
Jul 12, 2023
CVSS 7.1
EPSS 0.01
CVE-2023-37964
HIGH
Jenkins ElasticBox CI Plugin < 5.0.1 - Cross-Site Request Forgery
Jul 12, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-37961
HIGH
Jenkins Assembla Auth Plugin < 1.14 - Cross-Site Request Forgery
Jul 12, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-37959
MEDIUM
Jenkins Sumologic Publisher Plugin < 2.2.1 - Missing Authorization
Jul 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-37958
HIGH
Jenkins Sumologic Publisher Plugin < 2.2.1 - Cross-Site Request Forgery
Jul 12, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-37956
MEDIUM
Jenkins Test Results Aggregator Plugin < 1.2.13 - Server-Side Request Forgery via Unauthorized URL Connection
Jul 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-37955
MEDIUM
Jenkins Test Results Aggregator < 1.2.13 - Cross-Site Request Forgery
Jul 12, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-37948
LOW
Jenkins Oracle Cloud Infrastructure Compute Plugin < 1.0.17 - Man-in-the-Middle via Unvalidated SSH Host Keys
Jul 12, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-37943
MEDIUM
Jenkins Active Directory Plugin < 2.30 - Unauthenticated Sensitive Data Exposure via Unencrypted Connection Test
Jul 12, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-37942
MEDIUM
Jenkins External Monitor Job Type Plugin < 206.v9a_94ff0b_4a_10 - XML External Entity Injection
Jul 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-3315
MEDIUM
Jenkins Team Concert Plugin <2.4.1 - Info Disclosure
Jun 19, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-35149
MEDIUM
Jenkins Digital.ai App Management Publisher Plugin < 2.6 - Missing Authorization
Jun 14, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-35148
MEDIUM
Jenkins Digital.ai App Management Publisher < 2.6 - Cross-Site Request Forgery
Jun 14, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-35147
MEDIUM
Jenkins AWS CodeCommit Trigger Plugin <= 3.0.12 - Arbitrary File Read via SQS Queue Name Path Parameter
Jun 14, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-35145
MEDIUM
Jenkins Sonargraph Integration Plugin < 5.0.1 - Stored Cross-Site Scripting in Log File Field Form Validation
Jun 14, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-2631
MEDIUM
Jenkins Code Dx Plugin <3.1.0 - SSRF
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-2195
MEDIUM
Jenkins Code Dx Plugin <3.1.0 - CSRF
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-2633
MEDIUM
Jenkins Code Dx Plugin <3.1.0 - Info Disclosure
May 16, 2023
CVSS 4.3
EPSS 0.00
Products
script-security 35
git 13
email-ext 12
active-directory 11
config-file-provider 9
electricflow 9
credentials-binding 8
ec2 8
oic-auth 8
subversion 8
artifactory 7
htmlpublisher 7
jobConfigHistory 7
mercurial 7
openshift-deployer 7
rundeck 7
azure-ad 6
azure-vm-agents 6
ec2-deployment-dashboard 6
fortify-on-demand-uploader 6
ghprb 6
gitlab-oauth 6
gitlab-plugin 6
pipeline-maven 6
repository-connector 6
aws-codecommit-trigger 5
codedx 5
credentials 5
delphix 5
extended-choice-parameter 5
Quick Filters