CVE-2026-48922
high
7.5
7.5
jenkins
8d ago
Jenkins Credentials Binding Plugin 720.v3f6decef43ea_ and earlier does not properly sanitize file names for file and zip file credentials, allowing attackers able to provide credentials to a job to w…
CVE-2026-48921
high
7.5
7.5
jenkins
8d ago
Jenkins Pipeline: Groovy Libraries Plugin 797.v90ea_a_9b_e45a_0 and earlier does not prohibit symbolic links in shared libraries, allowing attackers able to control the content of a library used by a…
CVE-2026-48920
high
8.8
8.8
jenkins
8d ago
Jenkins Email Extension Plugin 1933.v45cec755423f and earlier allows inlining images as `base64` in email content by setting the `data-inline` attribute, without restrictions on the image URLs that c…
CVE-2026-42524
high
8.0
8.0
jenkins
1mo ago
Jenkins HTML Publisher Plugin has an XSS vulnerability in the legacy wrapper file
CVE-2026-42523
critical
9.0
9.0
jenkins
1mo ago
Jenkins GitHub Plugin has an XSS vulnerability
CVE-2026-42520
high
7.5
7.5
jenkins
1mo ago
Jenkins Credentials Binding Plugin has a path traversal vulnerability
CVE-2023-44487
high
7.5
10.0
KEV EXP FIX
rocky rhel debian debian
siemens ietf nghttp2
3y ago
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2017-1000245
critical
9.8
9.8
jenkins
9y ago
Jenkins SSH Plugin user passwords for encrypted SSH keys stored in plaintext
CVE-2017-1000244
high
8.8
8.8
jenkins
9y ago
Jenkins Favorite Plugin vulnerable to Cross-Site Request Forgery
CVE-2017-1000108
high
7.5
7.5
jenkins
9y ago
Jenkins Pipeline: Input Step Plugin
CVE-2017-1000107
high
8.8
8.8
jenkins
9y ago
Sandbox bypass in Jenkins Script Security Plugin
CVE-2017-1000106
high
8.5
8.5
jenkins
9y ago
Improper Authentication in Jenkins Blue Ocean Plugin
CVE-2017-1000096
high
8.8
8.8
jenkins
9y ago
Arbitrary code execution due to incomplete sandbox protection in Jenkins Pipeline
CVE-2017-1000093
high
8.8
8.8
jenkins
9y ago
Jenkins Poll SCM Plugin vulnerable to Cross-Site Request Forgery
CVE-2017-1000092
high
7.5
7.5
jenkins
9y ago
Cross-Site Request Forgery in Jenkins Git Plugin
CVE-2017-1000090
high
8.8
8.8
jenkins
9y ago
CSRF vulnerability in Jenkins Role-based Authorization Strategy Plugin configuration
CVE-2017-1000086
high
8.0
8.0
jenkins
9y ago
Missing permission checks in Jenkins Periodic Backup Plugin allow every user to change settings
CVE-2017-1000362
critical
9.8
9.8
jenkins
9y ago
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
CVE-2016-4986
high
7.5
7.5
jenkins
9y ago
Jenkins TAP Plugin allows Path Traversal
CVE-2016-3102
high
7.3
7.3
jenkins
9y ago
Jenkins Script Security Plugin allows for Bypass of Groovy Sandbox Protection
CVE-2016-9299
critical
9.8
10.0
EXP
fedora fedora
jenkins
10y ago
Improper Neutralization of Special Elements used in an LDAP Query in Jenkins
CVE-2016-3726
high
7.4
7.4
jenkins redhat
10y ago
Jenkins affected by Open Redirect Vulnerability
CVE-2016-0792
high
8.8
9.8
EXP
jenkins redhat
10y ago
Jenkins allows Deserialization of Untrusted Data via an XML File
CVE-2016-0791
critical
9.8
9.8
redhat jenkins
10y ago
Exposure of Sensitive Information in Jenkins Core
CVE-2016-0788
critical
9.8
9.8
jenkins redhat
10y ago
Jenkins allows Execution of Code by Opening a JRMP Listener
CVE-2015-7539
high
7.5
7.5
jenkins redhat
11y ago
Jenkins does not Verify Checksums for Plugin Files
CVE-2015-7538
high
8.8
8.8
jenkins redhat
11y ago
Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) Attack
CVE-2015-7537
high
8.8
8.8
redhat jenkins
11y ago
Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) Attack
CVE-2015-8103
critical
9.8
10.0
EXP
redhat jenkins
11y ago
Jenkins CLI Deserialization of Untrusted Data vulnerability
CVE-2015-5325
high
—
7.5
redhat jenkins
11y ago
Jenkins allows Bypass of Access Restrictions
CVE-2015-1814
high
—
7.5
jenkins redhat
11y ago
Jenkins allows for Privilege Escalation by Remote Authenticated Users
CVE-2014-2063
high
—
7.5
jenkins
12y ago
Jenkins Vulnerable to Clickjacking
CVE-2014-3666
high
—
7.5
redhat jenkins
12y ago
Jenkins allows for Code Execution via Crafted Packet to the CLI
CVE-2013-0329
high
—
7.5
jenkins
13y ago
Jenkins Cross-Site Request Forgery vulnerability