org.jenkins-ci.plugins
1,035 tracked vulnerabilities.
CVE-2023-30527
MEDIUM
Jenkins WSO2 Oauth Plugin < 1.0 - Cleartext Storage of Sensitive Information in Global Config
Apr 12, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-30526
MEDIUM
Jenkins Report Portal Plugin < 0.5 - Missing Authorization for URL Connection with Bearer Token
Apr 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-30525
HIGH
Jenkins Report Portal Plugin < 0.5 - Cross-Site Request Forgery
Apr 12, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-30524
MEDIUM
Jenkins Report Portal Plugin <0.5 - Info Disclosure
Apr 12, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-30523
MEDIUM
Jenkins Report Portal Plugin <= 0.5 - Cleartext Storage of Sensitive Information in Job Configuration
Apr 12, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-30522
MEDIUM
Jenkins Fogbugz Plugin < 2.2.17 - Missing Authorization via Jobname Parameter
Apr 12, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-30521
MEDIUM
Jenkins Assembla Merge Request Builder < 1.1.13 - Unauthenticated Build Triggering
Apr 12, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-30520
MEDIUM
Jenkins Quay.io trigger Plugin <= 0.1 - Stored Cross-Site Scripting via Repository Homepage URL
Apr 12, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-30519
MEDIUM
Jenkins Quay.io trigger Plugin 0.1 - Unauthenticated Missing Authorization
Apr 12, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-30516
MEDIUM
Jenkins Image Tag Parameter Plugin < 2.0 - Improper Certificate Validation
Apr 12, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-30514
HIGH
Jenkins Azure Key Vault Plugin < 187.va_cd5fecd198a - Credential Exposure in Build Log
Apr 12, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-28683
HIGH
Jenkins Phabricator Differential Plugin <2.1.5 - XXE
Apr 02, 2023
CVSS 8.2
EPSS 0.01
CVE-2023-28682
HIGH
Jenkins Performance Publisher Plugin <8.09 - XXE
Apr 02, 2023
CVSS 8.2
EPSS 0.01
CVE-2023-28681
HIGH
Jenkins Visual Studio Code Metrics Plugin <1.7 - XXE
Apr 02, 2023
CVSS 8.2
EPSS 0.01
CVE-2023-28680
HIGH
Jenkins Crap4J Plugin < 0.9 - XML External Entity Injection
Apr 02, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-28678
MEDIUM
Jenkins Cppcheck Plugin <1.26 - XSS
Apr 02, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-28677
CRITICAL
Jenkins Convert To Pipeline Plugin <1.0 - RCE
Apr 02, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-28676
HIGH
Jenkins Convert To Pipeline Plugin <1.0 - CSRF
Apr 02, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-28669
MEDIUM
Jenkins JaCoCo Plugin < 3.3.2 - Stored Cross-Site Scripting via Unescaped Class and Method Names
Apr 02, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-28668
CRITICAL
Jenkins Role-based Authorization Strategy Plugin <587.v2872c41fa_e5...
Apr 02, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-28685
HIGH
Jenkins AbsInt a³ Plugin <1.1.0 - XXE
Mar 22, 2023
CVSS 7.1
EPSS 0.01
CVE-2023-23850
MEDIUM
Synopsys Jenkins Coverity Plugin <3.0.2 - Info Disclosure
Feb 15, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-23848
MEDIUM
Synopsys Jenkins Coverity Plugin <3.0.2 - Privilege Escalation
Feb 15, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-23847
LOW
Synopsys Jenkins Coverity Plugin <3.0.2 - CSRF
Feb 15, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-25768
MEDIUM
Jenkins Azure Credentials Plugin < 254.v64da_8176c83a - Missing Authorization
Feb 15, 2023
CVSS 6.5
EPSS 0.01
Products
script-security 35
git 13
email-ext 12
active-directory 11
config-file-provider 9
electricflow 9
credentials-binding 8
ec2 8
oic-auth 8
subversion 8
artifactory 7
htmlpublisher 7
jobConfigHistory 7
mercurial 7
openshift-deployer 7
rundeck 7
azure-ad 6
azure-vm-agents 6
ec2-deployment-dashboard 6
fortify-on-demand-uploader 6
ghprb 6
gitlab-oauth 6
gitlab-plugin 6
pipeline-maven 6
repository-connector 6
aws-codecommit-trigger 5
codedx 5
credentials 5
delphix 5
extended-choice-parameter 5
Quick Filters