CVE-2018-1000406
A path traversal vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/
A path traversal vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/
A cross-site scripting vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in
A denial of service vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in co
A session fixation vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in cor
An information exposure vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier,
A cross-site request forgery vulnerability exists in Jenkins JUnit Plugin 1.25 and earlier in TestOb
An improper authorization vulnerability exists in Jenkins Jira Plugin 3.0.1 and earlier in JiraSite.
A cross-site scripting vulnerability exists in Jenkins Config File Provider Plugin 3.1 and earlier i
A cross-site request forgery vulnerability exists in Jenkins Config File Provider Plugin 3.1 and ear
A cross-site scripting vulnerability exists in Jenkins Rebuilder Plugin 1.28 and earlier in RebuildA
A reflected cross-site scripting vulnerability exists in Jenkins Job Config History Plugin 2.18 and
A cross-site request forgery vulnerability exists in Jenkins Email Extension Template Plugin 1.0 and
An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and earlier in HipCha
An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and earlier in HipCha
An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCl
An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCl
An improper authorization vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and earli
An insufficiently protected credentials vulnerability exists in Jenkins Crowd 2 Integration Plugin 2
An insufficiently protected credentials vulnerability exists in Jenkins Artifactory Plugin 2.16.1 an
An insufficiently protected credentials vulnerability exists in Jenkins SonarQube Scanner Plugin 2.8
A cross-site scripting vulnerability exists in Jenkins Git Changelog Plugin 2.6 and earlier in GitCh
A cross-site request forgery (CSRF) vulnerability in Jenkins 2.329 and earlier, LTS 2.319.1 and earl
A cross-site request forgery (CSRF) vulnerability in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and
A missing permission check in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attacker
Jenkins Matrix Project Plugin 1.19 and earlier does not escape HTML metacharacters in node and label
Jenkins Credentials Binding Plugin 1.27 and earlier does not perform a permission check in a method
Jenkins Docker Commons Plugin 1.17 and earlier does not sanitize the name of an image or a tag, resu
A missing permission check in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier a
A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket Branch Source Plugin 737.vdf9
Missing permission checks in Jenkins SSH Agent Plugin 1.23 and earlier allows attackers with Overall
Jenkins Metrics Plugin 4.0.2.8 and earlier stores an access key unencrypted in its global configurat
Jenkins Active Directory Plugin 2.25 and earlier does not encrypt the transmission of data between t
Jenkins Configuration as Code Plugin 1.55 and earlier used a non-constant time comparison function w
Jenkins Warnings Next Generation Plugin 9.10.2 and earlier does not restrict the name of a file when
Jenkins Badge Plugin 1.9 and earlier does not escape the description and does not check for allowed
Jenkins HashiCorp Vault Plugin 3.7.0 and earlier does not mask Vault credentials in Pipeline build l
Jenkins Publish Over SSH Plugin 1.22 and earlier does not escape the SSH server name, resulting in a
A cross-site request forgery (CSRF) vulnerability in Jenkins Publish Over SSH Plugin 1.22 and earlie
A missing permission check in Jenkins Publish Over SSH Plugin 1.22 and earlier allows attackers with
Jenkins Publish Over SSH Plugin 1.22 and earlier performs a validation of the file name specifying w
Jenkins Publish Over SSH Plugin 1.22 and earlier stores password unencrypted in its global configura
Cross-site request forgery (CSRF) vulnerabilities in Jenkins batch task Plugin 1.19 and earlier allo
Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able
Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able
Jenkins Debian Package Builder Plugin 1.6.11 and earlier implements functionality that allows agents
Qualys Jenkins Plugin for Policy Compliance prior to version and including 1.0.5 was identified to
Qualys Jenkins Plugin for Policy Compliance prior to version and including 1.0.5 was identified to
Qualys Jenkins Plugin for WAS prior to version and including 2.0.11 was identified to be affected b