Skip to main content

48 docs tagged with "Jenkins"

View all tags

CVE-2018-1000406

A path traversal vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/

CVE-2018-1000407

A cross-site scripting vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in

CVE-2018-1000408

A denial of service vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in co

CVE-2018-1000409

A session fixation vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in cor

CVE-2018-1000410

An information exposure vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier,

CVE-2018-1000411

A cross-site request forgery vulnerability exists in Jenkins JUnit Plugin 1.25 and earlier in TestOb

CVE-2018-1000412

An improper authorization vulnerability exists in Jenkins Jira Plugin 3.0.1 and earlier in JiraSite.

CVE-2018-1000413

A cross-site scripting vulnerability exists in Jenkins Config File Provider Plugin 3.1 and earlier i

CVE-2018-1000414

A cross-site request forgery vulnerability exists in Jenkins Config File Provider Plugin 3.1 and ear

CVE-2018-1000415

A cross-site scripting vulnerability exists in Jenkins Rebuilder Plugin 1.28 and earlier in RebuildA

CVE-2018-1000416

A reflected cross-site scripting vulnerability exists in Jenkins Job Config History Plugin 2.18 and

CVE-2018-1000417

A cross-site request forgery vulnerability exists in Jenkins Email Extension Template Plugin 1.0 and

CVE-2018-1000418

An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and earlier in HipCha

CVE-2018-1000419

An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and earlier in HipCha

CVE-2018-1000420

An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCl

CVE-2018-1000421

An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCl

CVE-2018-1000422

An improper authorization vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and earli

CVE-2018-1000423

An insufficiently protected credentials vulnerability exists in Jenkins Crowd 2 Integration Plugin 2

CVE-2018-1000424

An insufficiently protected credentials vulnerability exists in Jenkins Artifactory Plugin 2.16.1 an

CVE-2018-1000425

An insufficiently protected credentials vulnerability exists in Jenkins SonarQube Scanner Plugin 2.8

CVE-2018-1000426

A cross-site scripting vulnerability exists in Jenkins Git Changelog Plugin 2.6 and earlier in GitCh

CVE-2022-20612

A cross-site request forgery (CSRF) vulnerability in Jenkins 2.329 and earlier, LTS 2.319.1 and earl

CVE-2022-20613

A cross-site request forgery (CSRF) vulnerability in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and

CVE-2022-20614

A missing permission check in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attacker

CVE-2022-20615

Jenkins Matrix Project Plugin 1.19 and earlier does not escape HTML metacharacters in node and label

CVE-2022-20616

Jenkins Credentials Binding Plugin 1.27 and earlier does not perform a permission check in a method

CVE-2022-20617

Jenkins Docker Commons Plugin 1.17 and earlier does not sanitize the name of an image or a tag, resu

CVE-2022-20618

A missing permission check in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier a

CVE-2022-20619

A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket Branch Source Plugin 737.vdf9

CVE-2022-20620

Missing permission checks in Jenkins SSH Agent Plugin 1.23 and earlier allows attackers with Overall

CVE-2022-20621

Jenkins Metrics Plugin 4.0.2.8 and earlier stores an access key unencrypted in its global configurat

CVE-2022-23105

Jenkins Active Directory Plugin 2.25 and earlier does not encrypt the transmission of data between t

CVE-2022-23106

Jenkins Configuration as Code Plugin 1.55 and earlier used a non-constant time comparison function w

CVE-2022-23107

Jenkins Warnings Next Generation Plugin 9.10.2 and earlier does not restrict the name of a file when

CVE-2022-23108

Jenkins Badge Plugin 1.9 and earlier does not escape the description and does not check for allowed

CVE-2022-23109

Jenkins HashiCorp Vault Plugin 3.7.0 and earlier does not mask Vault credentials in Pipeline build l

CVE-2022-23110

Jenkins Publish Over SSH Plugin 1.22 and earlier does not escape the SSH server name, resulting in a

CVE-2022-23111

A cross-site request forgery (CSRF) vulnerability in Jenkins Publish Over SSH Plugin 1.22 and earlie

CVE-2022-23112

A missing permission check in Jenkins Publish Over SSH Plugin 1.22 and earlier allows attackers with

CVE-2022-23113

Jenkins Publish Over SSH Plugin 1.22 and earlier performs a validation of the file name specifying w

CVE-2022-23114

Jenkins Publish Over SSH Plugin 1.22 and earlier stores password unencrypted in its global configura

CVE-2022-23115

Cross-site request forgery (CSRF) vulnerabilities in Jenkins batch task Plugin 1.19 and earlier allo

CVE-2022-23116

Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able

CVE-2022-23117

Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able

CVE-2022-23118

Jenkins Debian Package Builder Plugin 1.6.11 and earlier implements functionality that allows agents

CVE-2023-6147

Qualys Jenkins Plugin for Policy Compliance prior to version and including 1.0.5 was identified to

CVE-2023-6148

Qualys Jenkins Plugin for Policy Compliance prior to version and including 1.0.5 was identified to

CVE-2023-6149

Qualys Jenkins Plugin for WAS prior to version and including 2.0.11 was identified to be affected b