org.jenkins-ci.plugins

1,035 tracked vulnerabilities.

CVE-2023-30527 MEDIUM
Jenkins WSO2 Oauth Plugin < 1.0 - Cleartext Storage of Sensitive Information in Global Config
Apr 12, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-30526 MEDIUM
Jenkins Report Portal Plugin < 0.5 - Missing Authorization for URL Connection with Bearer Token
Apr 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-30525 HIGH
Jenkins Report Portal Plugin < 0.5 - Cross-Site Request Forgery
Apr 12, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-30524 MEDIUM
Jenkins Report Portal Plugin <0.5 - Info Disclosure
Apr 12, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-30523 MEDIUM
Jenkins Report Portal Plugin <= 0.5 - Cleartext Storage of Sensitive Information in Job Configuration
Apr 12, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-30522 MEDIUM
Jenkins Fogbugz Plugin < 2.2.17 - Missing Authorization via Jobname Parameter
Apr 12, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-30521 MEDIUM
Jenkins Assembla Merge Request Builder < 1.1.13 - Unauthenticated Build Triggering
Apr 12, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-30520 MEDIUM
Jenkins Quay.io trigger Plugin <= 0.1 - Stored Cross-Site Scripting via Repository Homepage URL
Apr 12, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-30519 MEDIUM
Jenkins Quay.io trigger Plugin 0.1 - Unauthenticated Missing Authorization
Apr 12, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-30516 MEDIUM
Jenkins Image Tag Parameter Plugin < 2.0 - Improper Certificate Validation
Apr 12, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-30514 HIGH
Jenkins Azure Key Vault Plugin < 187.va_cd5fecd198a - Credential Exposure in Build Log
Apr 12, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-28683 HIGH
Jenkins Phabricator Differential Plugin <2.1.5 - XXE
Apr 02, 2023
CVSS 8.2
EPSS 0.01
CVE-2023-28682 HIGH
Jenkins Performance Publisher Plugin <8.09 - XXE
Apr 02, 2023
CVSS 8.2
EPSS 0.01
CVE-2023-28681 HIGH
Jenkins Visual Studio Code Metrics Plugin <1.7 - XXE
Apr 02, 2023
CVSS 8.2
EPSS 0.01
CVE-2023-28680 HIGH
Jenkins Crap4J Plugin < 0.9 - XML External Entity Injection
Apr 02, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-28678 MEDIUM
Jenkins Cppcheck Plugin <1.26 - XSS
Apr 02, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-28677 CRITICAL
Jenkins Convert To Pipeline Plugin <1.0 - RCE
Apr 02, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-28676 HIGH
Jenkins Convert To Pipeline Plugin <1.0 - CSRF
Apr 02, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-28669 MEDIUM
Jenkins JaCoCo Plugin < 3.3.2 - Stored Cross-Site Scripting via Unescaped Class and Method Names
Apr 02, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-28668 CRITICAL
Jenkins Role-based Authorization Strategy Plugin <587.v2872c41fa_e5...
Apr 02, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-28685 HIGH
Jenkins AbsInt a³ Plugin <1.1.0 - XXE
Mar 22, 2023
CVSS 7.1
EPSS 0.01
CVE-2023-23850 MEDIUM
Synopsys Jenkins Coverity Plugin <3.0.2 - Info Disclosure
Feb 15, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-23848 MEDIUM
Synopsys Jenkins Coverity Plugin <3.0.2 - Privilege Escalation
Feb 15, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-23847 LOW
Synopsys Jenkins Coverity Plugin <3.0.2 - CSRF
Feb 15, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-25768 MEDIUM
Jenkins Azure Credentials Plugin < 254.v64da_8176c83a - Missing Authorization
Feb 15, 2023
CVSS 6.5
EPSS 0.01