VYPR

Vendor CVEs

Jenkins Project

All CVEs

1,579 total · sorted by risk
  • CVE-2017-1000362CriJul 17, 2017
    risk 0.57cvss 9.8epss 0.02

    The re-key admin monitor was introduced in Jenkins 1.498 and re-encrypted all secrets in JENKINS_HOME with a new key. It also created a backup directory with all old secrets, and the key used to encrypt them. These backups were world-readable and not removed afterwards. Jenkins…

  • CVE-2024-23898HigJan 24, 2024
    risk 0.56cvss 8.8epss 0.67

    Jenkins 2.217 through 2.441 (both inclusive), LTS 2.222.1 through 2.426.2 (both inclusive) does not perform origin validation of requests made through the CLI WebSocket endpoint, resulting in a cross-site WebSocket hijacking (CSWSH) vulnerability, allowing attackers to execute…

  • CVE-2023-27898CriMar 10, 2023
    risk 0.56cvss 9.6epss 0.02

    Jenkins 2.270 through 2.393 (both inclusive), LTS 2.277.1 through 2.375.3 (both inclusive) does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins, resulting in a stored cross-site…

  • CVE-2015-5317HigKEVNov 25, 2015
    risk 0.56cvss 7.5epss 0.22

    The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name information via a direct request.

  • CVE-2023-32986HigMay 16, 2023
    risk 0.55cvss 8.8epss 0.63

    Jenkins File Parameter Plugin 285.v757c5b_67a_c25 and earlier does not restrict the name (and resulting uploaded file name) of Stashed File Parameters, allowing attackers with Item/Configure permission to create or replace arbitrary files on the Jenkins controller file system…

  • CVE-2019-1003005HigFeb 6, 2019
    risk 0.55cvss 8.8epss 0.19

    A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint…

  • CVE-2017-2650HigJul 27, 2018
    risk 0.55cvss 8.5epss 0.01

    It was found that the use of Pipeline: Classpath Step Jenkins plugin enables a bypass of the Script Security sandbox for users with SCM commit access, as well as users with e.g. Job/Configure permission in Jenkins.

  • CVE-2017-1000106HigOct 5, 2017
    risk 0.55cvss 8.5epss 0.01

    Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. Its SCM content REST API supports the pipeline creation and editing…

  • CVE-2023-50774HigDec 13, 2023
    risk 0.53cvss 8.1epss 0.00

    A cross-site request forgery (CSRF) vulnerability in Jenkins HTMLResource Plugin 1.02 and earlier allows attackers to delete arbitrary files on the Jenkins controller file system.

  • CVE-2023-50764HigDec 13, 2023
    risk 0.53cvss 8.1epss 0.01

    Jenkins Scriptler Plugin 342.v6a_89fd40f466 and earlier does not restrict a file name query parameter in an HTTP endpoint, allowing attackers with Scriptler/Configure permission to delete arbitrary files on the Jenkins controller file system.

  • CVE-2023-43498HigSep 20, 2023
    risk 0.53cvss 8.1epss 0.01

    In Jenkins 2.423 and earlier, LTS 2.414.1 and earlier, processing file uploads using MultipartFormDataParser creates temporary files in the default system temporary directory with the default permissions for newly created files, potentially allowing attackers with access to the…

  • CVE-2023-43497HigSep 20, 2023
    risk 0.53cvss 8.1epss 0.01

    In Jenkins 2.423 and earlier, LTS 2.414.1 and earlier, processing file uploads using the Stapler web framework creates temporary files in the default system temporary directory with the default permissions for newly created files, potentially allowing attackers with access to…

  • CVE-2023-35142HigJun 14, 2023
    risk 0.53cvss 8.1epss 0.01

    Jenkins Checkmarx Plugin 2022.4.3 and earlier disables SSL/TLS validation for connections to the Checkmarx server by default.

  • CVE-2023-28683HigApr 2, 2023
    risk 0.53cvss 8.2epss 0.01

    Jenkins Phabricator Differential Plugin 2.1.5 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

  • CVE-2023-28682HigApr 2, 2023
    risk 0.53cvss 8.2epss 0.01

    Jenkins Performance Publisher Plugin 8.09 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

  • CVE-2023-28681HigApr 2, 2023
    risk 0.53cvss 8.2epss 0.01

    Jenkins Visual Studio Code Metrics Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

  • CVE-2022-41244HigSep 21, 2022
    risk 0.53cvss 8.1epss 0.01

    Jenkins View26 Test-Reporting Plugin 1.0.7 and earlier does not perform hostname validation when connecting to the configured View26 server that could be abused using a man-in-the-middle attack to intercept these connections.

  • CVE-2022-41243HigSep 21, 2022
    risk 0.53cvss 8.1epss 0.01

    Jenkins SmallTest Plugin 1.0.4 and earlier does not perform hostname validation when connecting to the configured View26 server that could be abused using a man-in-the-middle attack to intercept these connections.

  • CVE-2022-36921HigJul 27, 2022
    risk 0.53cvss 8.1epss 0.01

    A missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

  • CVE-2022-28154HigMar 29, 2022
    risk 0.53cvss 8.1epss 0.01

    Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

  • CVE-2021-42306HigNov 24, 2021
    risk 0.53cvss 8.1epss 0.03

    An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential  on an Azure AD Application or Service Principal (which is not recommended). This vulnerability allows a…

  • CVE-2021-43578HigNov 12, 2021
    risk 0.53cvss 8.1epss 0.01

    Jenkins Squash TM Publisher (Squash4Jenkins) Plugin 1.0.0 and earlier implements an agent-to-controller message that does not implement any validation of its input, allowing attackers able to control agent processes to replace arbitrary files on the Jenkins controller file…

  • CVE-2021-33781HigJul 14, 2021
    risk 0.53cvss 8.1epss 0.02

    Azure AD Security Feature Bypass Vulnerability

  • CVE-2019-16558HigDec 17, 2019
    risk 0.53cvss 8.2epss 0.01

    Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM.

  • CVE-2019-10466HigOct 23, 2019
    risk 0.53cvss 8.1epss 0.01

    An XML external entities (XXE) vulnerability in Jenkins 360 FireLine Plugin allows attackers with Overall/Read access to have Jenkins resolve external entities, resulting in the extraction of secrets from the Jenkins agent, server-side request forgery, or denial-of-service…

  • CVE-2017-2649HigJul 27, 2018
    risk 0.53cvss 8.1epss 0.01

    It was found that the Active Directory Plugin for Jenkins up to and including version 2.2 did not verify certificates of the Active Directory server, thereby enabling Man-in-the-Middle attacks.

  • CVE-2026-42524HigApr 29, 2026
    risk 0.52cvss 8.0epss 0.00

    Jenkins HTML Publisher Plugin 427 and earlier does not escape job name and URL in the legacy wrapper file, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

  • CVE-2023-35141HigJun 14, 2023
    risk 0.52cvss 8.0epss 0.01

    In Jenkins 2.399 and earlier, LTS 2.387.3 and earlier, POST requests are sent in order to load the list of context actions. If part of the URL includes insufficiently escaped user-provided values, a victim may be tricked into sending a POST request to an unexpected endpoint by…

  • CVE-2022-34181CriJun 23, 2022
    risk 0.52cvss 9.1epss 0.01

    Jenkins xUnit Plugin 3.0.8 and earlier implements an agent-to-controller message that creates a user-specified directory if it doesn't exist, and parsing files inside it as test results, allowing attackers able to control agent processes to create an arbitrary directory on the…

  • CVE-2021-21697CriNov 4, 2021
    risk 0.52cvss 9.1epss 0.02

    Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allows any agent to read and write the contents of any build directory stored in Jenkins with very few restrictions.

  • CVE-2021-21689CriNov 4, 2021
    risk 0.52cvss 9.1epss 0.01

    FilePath#unzip and FilePath#untar were not subject to any agent-to-controller access control in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier.

  • CVE-2021-21685CriNov 4, 2021
    risk 0.52cvss 9.1epss 0.01

    Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not check agent-to-controller access to create parent directories in FilePath#mkdirs.

  • CVE-2021-21658CriMay 25, 2021
    risk 0.52cvss 9.1epss 0.02

    Jenkins Nuget Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

  • CVE-2020-2196HigJun 3, 2020
    risk 0.52cvss 8.0epss 0.01

    Jenkins Selenium Plugin 3.141.59 and earlier has no CSRF protection for its HTTP endpoints, allowing attackers to perform all administrative actions provided by the plugin.

  • CVE-2019-10392HigSep 12, 2019
    risk 0.52cvss 8.8epss 0.26

    Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection.

  • CVE-2017-1000086HigOct 5, 2017
    risk 0.52cvss 8.0epss 0.01

    The Periodic Backup Plugin did not perform any permission checks, allowing any user with Overall/Read access to change its settings, trigger backups, restore backups, download backups, and also delete all previous backups via log rotation. Additionally, the plugin was not…

  • CVE-2019-10461HigOct 23, 2019
    risk 0.51cvss 7.8epss 0.00

    Jenkins Dynatrace Application Monitoring Plugin 2.1.3 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.

  • CVE-2019-10453HigOct 16, 2019
    risk 0.51cvss 7.8epss 0.00

    Jenkins Delphix Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2019-1003048HigMar 28, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in Jenkins PRQA Plugin 3.1.0 and earlier allows attackers with local file system access to the Jenkins home directory to obtain the unencrypted password from the plugin configuration.

  • CVE-2019-1003038HigMar 8, 2019
    risk 0.51cvss 7.8epss 0.00

    An insufficiently protected credentials vulnerability exists in Jenkins Repository Connector Plugin 1.2.4 and earlier in src/main/java/org/jvnet/hudson/plugins/repositoryconnector/ArtifactDeployer.java, src/main/java/org/jvnet/hudson/plugins/repositoryconnector/Repository.java,…

  • CVE-2018-1000425HigJan 9, 2019
    risk 0.51cvss 7.8epss 0.00

    An insufficiently protected credentials vulnerability exists in Jenkins SonarQube Scanner Plugin 2.8 and earlier in SonarInstallation.java that allows attackers with local file system access to obtain the credentials used to connect to SonarQube.

  • CVE-2023-50768HigDec 13, 2023
    risk 0.50cvss 8.8epss 0.00

    A cross-site request forgery (CSRF) vulnerability in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in…

  • CVE-2023-50766HigDec 13, 2023
    risk 0.50cvss 8.8epss 0.00

    A cross-site request forgery (CSRF) vulnerability in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML.

  • CVE-2023-43496HigSep 20, 2023
    risk 0.50cvss 8.8epss 0.01

    Jenkins 2.423 and earlier, LTS 2.414.1 and earlier creates a temporary file in the system temporary directory with the default permissions for newly created files when installing a plugin from a URL, potentially allowing attackers with access to the system temporary directory to…

  • CVE-2023-41933HigSep 6, 2023
    risk 0.50cvss 8.8epss 0.01

    Jenkins Job Configuration History Plugin 1227.v7a_79fc4dc01f and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

  • CVE-2023-32997HigMay 16, 2023
    risk 0.50cvss 8.8epss 0.01

    Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login.

  • CVE-2023-32981HigMay 16, 2023
    risk 0.50cvss 8.8epss 0.01

    An arbitrary file write vulnerability in Jenkins Pipeline Utility Steps Plugin 2.15.2 and earlier allows attackers able to provide crafted archives as parameters to create or replace arbitrary files on the agent file system with attacker-specified content.

  • CVE-2023-25767HigFeb 15, 2023
    risk 0.50cvss 8.8epss 0.00

    A cross-site request forgery (CSRF) vulnerability in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers to connect to an attacker-specified web server.

  • CVE-2023-24422HigJan 26, 2023
    risk 0.50cvss 8.8epss 0.01

    A sandbox bypass vulnerability involving map constructors in Jenkins Script Security Plugin 1228.vd93135a_2fb_25 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in…

  • CVE-2022-43416HigOct 19, 2022
    risk 0.50cvss 8.8epss 0.01

    Jenkins Katalon Plugin 1.0.32 and earlier implements an agent/controller message that does not limit where it can be executed and allows invoking Katalon with configurable arguments, allowing attackers able to control agent processes to invoke Katalon on the Jenkins controller…

Page 5 of 32