Jenkins Security Vulnerabilities

CVE-2022-43426
Jenkins S3 Explorer Plugin 1.0.8 and earlier does not mask the AWS_SECRET_ACCESS_KEY form field, increasing the potential for attackers to observe and capture it.
CVSS: 5.3 | AI Score: 5.2 | EPSS: 0.001 | Published: 2022-10-19 04:15 PM

CVE-2022-43427
Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
CVSS: 4.3 | AI Score: 4.5 | EPSS: 0.001 | Published: 2022-10-19 04:15 PM

CVE-2022-43428
Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process.
CVSS: 5.3 | AI Score: 5.2 | EPSS: 0.001 | Published: 2022-10-19 04:15 PM

CVE-2022-43429
Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to read arbitrary files on the Jenkins controller file system.
CVSS: 7.5 | AI Score: 7.4 | EPSS: 0.002 | Published: 2022-10-19 04:15 PM

CVE-2022-43430
Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVSS: 7.5 | AI Score: 7.5 | EPSS: 0.002 | Published: 2022-10-19 04:15 PM

CVE-2022-43431
Jenkins Compuware Strobe Measurement Plugin 1.0.1 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
CVSS: 4.3 | AI Score: 4.4 | EPSS: 0.001 | Published: 2022-10-19 04:15 PM

CVE-2022-43432
Jenkins XFramium Builder Plugin 1.0.22 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.
CVSS: 4.3 | AI Score: 4.6 | EPSS: 0.001 | Published: 2022-10-19 04:15 PM

CVE-2022-43433
Jenkins ScreenRecorder Plugin 0.7 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.
CVSS: 4.3 | AI Score: 4.6 | EPSS: 0.001 | Published: 2022-10-19 04:15 PM

CVE-2022-43434
Jenkins NeuVector Vulnerability Scanner Plugin 1.20 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.
CVSS: 5.3 | AI Score: 5.2 | EPSS: 0.001 | Published: 2022-10-19 04:15 PM

CVE-2022-43435
Jenkins 360 FireLine Plugin 1.7.2 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.
CVSS: 5.3 | AI Score: 5.2 | EPSS: 0.001 | Published: 2022-10-19 04:15 PM
CVE-2022-45379
Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the script, making it vulnerable to collision attacks.
CVSS: 7.5 | AI Score: 7.3 | EPSS: 0.002 | Published: 2022-11-15 08:15 PM

CVE-2022-45380
Jenkins JUnit Plugin 1159.v0b_396e1e07dd and earlier converts HTTP(S) URLs in test report output to clickable links in an unsafe manner, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
CVSS: 5.4 | AI Score: 5.2 | EPSS: 0.001 | Published: 2022-11-15 08:15 PM

CVE-2022-45381
Jenkins Pipeline Utility Steps Plugin 2.13.1 and earlier does not restrict the set of enabled prefix interpolators and bundles versions of Apache Commons Configuration library that enable the 'file:' prefix interpolator by default, allowing attackers able to configure Pipelines to read arbitrary fi...
CVSS: 8.1 | AI Score: 7.7 | EPSS: 0.001 | Published: 2022-11-15 08:15 PM

CVE-2022-45382
Jenkins Naginator Plugin 1.18.1 and earlier does not escape display names of source builds in builds that were triggered via Retry action, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to edit build display names.
CVSS: 5.4 | AI Score: 5.4 | EPSS: 0.001 | Published: 2022-11-15 08:15 PM

CVE-2022-45383
An incorrect permission check in Jenkins Support Core Plugin 1206.v14049fa_b_d860 and earlier allows attackers with Support/DownloadBundle permission to download a previously created support bundle containing information limited to users with Overall/Administer permission.
CVSS: 6.5 | AI Score: 6.3 | EPSS: 0.001 | Published: 2022-11-15 08:15 PM

CVE-2022-45384
Jenkins Reverse Proxy Auth Plugin 1.7.3 and earlier stores the LDAP manager password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system.
CVSS: 6.5 | AI Score: 6.6 | EPSS: 0.001 | Published: 2022-11-15 08:15 PM

CVE-2022-45385
A missing permission check in Jenkins CloudBees Docker Hub/Registry Notification Plugin 2.6.2 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository.
CVSS: 7.5 | AI Score: 7.6 | EPSS: 0.001 | Published: 2022-11-15 08:15 PM

CVE-2022-45386
Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVSS: 5.5 | AI Score: 5.8 | EPSS: 0.001 | Published: 2022-11-15 08:15 PM

CVE-2022-45387
Jenkins BART Plugin 1.0.3 and earlier does not escape the parsed content of build logs before rendering it on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability.
CVSS: 5.4 | AI Score: 5.4 | EPSS: 0.001 | Published: 2022-11-15 08:15 PM

CVE-2022-45388
Jenkins Config Rotator Plugin 2.0.1 and earlier does not restrict a file name query parameter in an HTTP endpoint, allowing unauthenticated attackers to read arbitrary files with '.xml' extension on the Jenkins controller file system.
CVSS: 7.5 | AI Score: 7.6 | EPSS: 0.002 | Published: 2022-11-15 08:15 PM

CVE-2022-45389
A missing permission check in Jenkins XP-Dev Plugin 1.0 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to an attacker-specified repository.
CVSS: 5.3 | AI Score: 5.6 | EPSS: 0.001 | Published: 2022-11-15 08:15 PM

CVE-2022-45390
A missing permission check in Jenkins loader.io Plugin 1.0.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
CVSS: 4.3 | AI Score: 4.7 | EPSS: 0.001 | Published: 2022-11-15 08:15 PM

CVE-2022-45391
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and earlier globally and unconditionally disables SSL/TLS certificate and hostname validation for the entire Jenkins controller JVM.
CVSS: 7.5 | AI Score: 7.6 | EPSS: 0.001 | Published: 2022-11-15 08:15 PM

CVE-2022-45392
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by attackers with Extended Read permission, or access to the Jenkins controller file system.
CVSS: 6.5 | AI Score: 6.5 | EPSS: 0.001 | Published: 2022-11-15 08:15 PM

CVE-2022-45393
A cross-site request forgery (CSRF) vulnerability in Jenkins Delete log Plugin 1.0 and earlier allows attackers to delete build logs.
CVSS: 3.5 | AI Score: 4.2 | EPSS: 0.001 | Published: 2022-11-15 08:15 PM

CVE-2022-45394
A missing permission check in Jenkins Delete log Plugin 1.0 and earlier allows attackers with Item/Read permission to delete build logs.
CVSS: 4.3 | AI Score: 4.7 | EPSS: 0.001 | Published: 2022-11-15 08:15 PM

CVE-2022-45395
Jenkins CCCC Plugin 0.6 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVSS: 9.8 | AI Score: 9.3 | EPSS: 0.002 | Published: 2022-11-15 08:15 PM

CVE-2022-45396
Jenkins SourceMonitor Plugin 0.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVSS: 9.8 | AI Score: 9.4 | EPSS: 0.002 | Published: 2022-11-15 08:15 PM

CVE-2022-45397
Jenkins OSF Builder Suite :: XML Linter Plugin 1.0.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVSS: 9.8 | AI Score: 9.4 | EPSS: 0.002 | Published: 2022-11-15 08:15 PM

CVE-2022-45398
A cross-site request forgery (CSRF) vulnerability in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics.
CVSS: 4.3 | AI Score: 4.9 | EPSS: 0.001 | Published: 2022-11-15 08:15 PM

CVE-2022-45399
A missing permission check in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics.
CVSS: 4.3 | AI Score: 4.8 | EPSS: 0.001 | Published: 2022-11-15 08:15 PM

CVE-2022-45400
Jenkins JAPEX Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVSS: 9.8 | AI Score: 9.4 | EPSS: 0.002 | Published: 2022-11-15 08:15 PM

CVE-2022-45401
Jenkins Associated Files Plugin 0.2.1 and earlier does not escape names of associated files, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
CVSS: 5.4 | AI Score: 5.4 | EPSS: 0.001 | Published: 2022-11-15 08:15 PM
CVE-2022-46682
Jenkins Plot Plugin 2.1.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVSS: 9.8 | AI Score: 9.4 | EPSS: 0.002 | Published: 2022-12-12 09:15 AM

CVE-2022-46683
Jenkins Google Login Plugin 1.4 through 1.6 (both inclusive) improperly determines that a redirect URL after login is legitimately pointing to Jenkins.
CVSS: 6.1 | AI Score: 6.3 | EPSS: 0.001 | Published: 2022-12-12 09:15 AM

CVE-2022-46684
Jenkins Checkmarx Plugin 2022.3.3 and earlier does not escape values returned from the Checkmarx service API before inserting them into HTML reports, resulting in a stored cross-site scripting (XSS) vulnerability.
CVSS: 5.4 | AI Score: 5.4 | EPSS: 0.001 | Published: 2022-12-12 09:15 AM

CVE-2022-46686
Jenkins Custom Build Properties Plugin 2.79.vc095ccc85094 and earlier does not escape property values and build display names on the Custom Build Properties and Build Summary pages, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to set or change these v...
CVSS: 5.4 | AI Score: 5.4 | EPSS: 0.001 | Published: 2022-12-12 09:15 AM

CVE-2022-46687
Jenkins Spring Config Plugin 2.0.0 and earlier does not escape build display names shown on the Spring Config view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to change build display names.
CVSS: 5.4 | AI Score: 5.4 | EPSS: 0.001 | Published: 2022-12-12 09:15 AM

CVE-2022-46688
A cross-site request forgery (CSRF) vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier allows attackers to have Jenkins connect to Gerrit servers (previously configured by Jenkins administrators) using attacker-specified credentials IDs obtained through another method, poten...
CVSS: 6.5 | AI Score: 6.6 | EPSS: 0.001 | Published: 2022-12-12 09:15 AM
CVE-2023-2195
A cross-site request forgery (CSRF) vulnerability in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers to connect to an attacker-specified URL.
CVSS: 4.3 | AI Score: 4 | EPSS: 0.0004 | Published: 2023-05-16 07:15 PM

CVE-2023-2196
A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Item/Read permission to check for the existence of an attacker-specified file path on an agent file system.
CVSS: 4.3 | AI Score: 4.5 | EPSS: 0.0005 | Published: 2023-05-16 06:15 PM

CVE-2023-23847
A cross-site request forgery (CSRF) vulnerability in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVSS: 3.5 | AI Score: 4.1 | EPSS: 0.0005 | Published: 2023-02-15 07:15 PM

CVE-2023-23848
Missing permission checks in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVSS: 4.3 | AI Score: 4.5 | EPSS: 0.001 | Published: 2023-02-15 07:15 PM

CVE-2023-23850
A missing permission check in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
CVSS: 4.3 | AI Score: 4.4 | EPSS: 0.001 | Published: 2023-02-15 07:15 PM

CVE-2023-24422
A sandbox bypass vulnerability involving map constructors in Jenkins Script Security Plugin 1228.vd93135a_2fb_25 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the J...
CVSS: 8.8 | AI Score: 9.1 | EPSS: 0.0004 | Published: 2023-01-26 09:18 PM

CVE-2023-24423
A cross-site request forgery (CSRF) vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit.
CVSS: 6.5 | AI Score: 6.3 | EPSS: 0.0005 | Published: 2023-01-26 09:18 PM

CVE-2023-24424
Jenkins OpenId Connect Authentication Plugin 2.4 and earlier does not invalidate the previous session on login.
CVSS: 8.8 | AI Score: 8.6 | EPSS: 0.002 | Published: 2023-01-26 09:18 PM

CVE-2023-24425
Jenkins Kubernetes Credentials Provider Plugin 1.208.v128ee9800c04 and earlier does not set the appropriate context for Kubernetes credentials lookup, allowing attackers with Item/Configure permission to access and potentially capture Kubernetes credentials they are not entitled to.
CVSS: 6.5 | AI Score: 6.3 | EPSS: 0.001 | Published: 2023-01-26 09:18 PM

CVE-2023-24426
Jenkins Azure AD Plugin 303.va_91ef20ee49f and earlier does not invalidate the previous session on login.
CVSS: 8.8 | AI Score: 8.5 | EPSS: 0.002 | Published: 2023-01-26 09:18 PM

CVE-2023-24427
Jenkins Bitbucket OAuth Plugin 0.12 and earlier does not invalidate the previous session on login.
CVSS: 9.8 | AI Score: 9.3 | EPSS: 0.002 | Published: 2023-01-26 09:18 PM
Total number of security vulnerabilities: 1603