org.jenkins-ci.plugins
1,035 tracked vulnerabilities.
CVE-2023-2632
MEDIUM
Jenkins Code Dx Plugin <3.1.0 - Info Disclosure
May 16, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-2196
MEDIUM
Jenkins Code Dx Plugin <3.1.0 - Info Disclosure
May 16, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-33007
MEDIUM
Jenkins LoadComplete support Plugin <= 1.0 - Stored Cross-Site Scripting in LoadComplete Test Name
May 16, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-33006
MEDIUM
Jenkins WSO2 Oauth Plugin < 1.0 - Cross-Site Request Forgery
May 16, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-33005
MEDIUM
Jenkins WSO2 Oauth Plugin < 1.0 - Insufficient Session Expiration
May 16, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-33004
MEDIUM
Jenkins Tag Profiler Plugin < 0.2 - Unauthenticated Statistics Reset via Missing Permission Check
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-33003
MEDIUM
Jenkins Tag Profiler Plugin < 0.2 - Cross-Site Request Forgery
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-33002
MEDIUM
Jenkins TestComplete support Plugin < 2.8.1 - Stored Cross-Site Scripting via TestComplete Project Name
May 16, 2023
CVSS 5.4
EPSS 0.02
CVE-2023-32997
HIGH
Jenkins CAS Plugin <1.6.2 - Auth Bypass
May 16, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-32990
MEDIUM
Jenkins Azure VM Agents Plugin < 852.v8d35f0960a_43 - Missing Permission Check for Azure Cloud Server Connection
May 16, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-32989
HIGH
Jenkins Azure VM Agents Plugin < 852.v8d35f0960a_43 - Cross-Site Request Forgery
May 16, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-32988
MEDIUM
Jenkins Azure VM Agents Plugin < 852.v8d35f0960a_43 - Credential ID Enumeration via Missing Permission Check
May 16, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-32987
HIGH
Jenkins Reverse Proxy Auth Plugin < 1.7.4 - Cross-Site Request Forgery
May 16, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-32985
MEDIUM
Jenkins Sidebar Link Plugin < 2.2.1 - Path Traversal via Form Validation
May 16, 2023
CVSS 4.3
EPSS 0.72
CVE-2023-32984
MEDIUM
Jenkins TestNG Results Plugin < 730.v4c5283037693 - Stored Cross-Site Scripting via TestNG Report File Parsing
May 16, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-32983
MEDIUM
Jenkins Ansible Plugin < 204.v8191fd551eb_f - Cleartext Storage of Sensitive Information in Configuration Form
May 16, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-32982
MEDIUM
Jenkins Ansible Plugin < 204.v8191fd551eb_f - Cleartext Storage of Sensitive Information in Job config.xml
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-32981
HIGH
Jenkins Pipeline Utility Steps < 2.15.2 - Arbitrary File Write via Crafted Archive Parameter
May 16, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-32980
MEDIUM
Jenkins Email Extension Plugin < 2.96 - Cross-Site Request Forgery
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-32979
MEDIUM
Jenkins Email Extension Plugin < 2.96 - Unauthenticated File Existence Disclosure via Form Validation
May 16, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-32978
MEDIUM
Jenkins LDAP Plugin < 673.v034ec70ec2b_b - Cross-Site Request Forgery
May 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-30531
MEDIUM
Jenkins Consul KV Builder Plugin < 2.0.13 - Cleartext Storage of Sensitive Information
Apr 12, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-30530
MEDIUM
Jenkins Consul KV Builder Plugin <= 2.0.13 - Cleartext Storage of Sensitive Information
Apr 12, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-30529
MEDIUM
Jenkins Lucene-Search Plugin < 387.v938a_ecb_f7fe9 - Cross-Site Request Forgery
Apr 12, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-30528
MEDIUM
Jenkins WSO2 Oauth Plugin <= 1.0 - Cleartext Storage of Sensitive Information in Global Configuration Form
Apr 12, 2023
CVSS 6.5
EPSS 0.00
Products
script-security 35
git 13
email-ext 12
active-directory 11
config-file-provider 9
electricflow 9
credentials-binding 8
ec2 8
oic-auth 8
subversion 8
artifactory 7
htmlpublisher 7
jobConfigHistory 7
mercurial 7
openshift-deployer 7
rundeck 7
azure-ad 6
azure-vm-agents 6
ec2-deployment-dashboard 6
fortify-on-demand-uploader 6
ghprb 6
gitlab-oauth 6
gitlab-plugin 6
pipeline-maven 6
repository-connector 6
aws-codecommit-trigger 5
codedx 5
credentials 5
delphix 5
extended-choice-parameter 5
Quick Filters