Filter
-Infinity
0

Jenkins LTSA missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers wi…

EPSS
0.03%
First published (updated )

Jenkins LTSA missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers wi…

EPSS
0.03%
First published (updated )

Jenkins Templating Engine PluginCode Injection

8.8
EPSS
0.08%
First published (updated )

Jenkins Spring ConfigXSS

First published (updated )

maven/org.jenkins-ci.plugins:sonar-gerritCSRF

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

JenkinsXEE

First published (updated )

Jenkins Custom Build PropertiesXSS

First published (updated )

Jenkins CheckmarxXSS

First published (updated )

JenkinsJenkins Google Login Plugin 1.4 through 1.6 (both inclusive) improperly determines that a redirect U…

First published (updated )

Apache Tomcat- Rapid Reset HTTP/2 vulnerability

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Jenkins Script SecurityThe Script Security plugin before 1.18.1 in Jenkins might allow remote attackers to bypass a Groovy …

7.5
First published (updated )

maven/org.tap4j:tapPath Traversal

7.5
First published (updated )

maven/com.tupilabs.image_gallery:image-galleryPath Traversal

First published (updated )

Jenkins Build Failure Analyzer PluginXSS

First published (updated )

Jenkins Extra ColumnsXSS

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

maven/org.jenkins-ci.main:jenkins-coreThe remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute …

First published (updated )

Jenkins Stack HammerJenkins Stack Hammer Plugin 1.0.6 and earlier stores Stack Hammer API keys unencrypted in job config…

EPSS
0.03%
First published (updated )

Jenkins Simple QueueCSRF

EPSS
0.02%
First published (updated )

Cadence vManager PluginJenkins Cadence vManager Plugin 4.0.0-282.v5096a_c2db_275 and earlier stores Verisium Manager vAPI k…

EPSS
0.03%
First published (updated )

Jenkins Monitor Remote JobJenkins monitor-remote-job Plugin 1.0 stores passwords unencrypted in job config.xml files on the Je…

EPSS
0.03%
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

JenkinsJenkins AsakusaSatellite Plugin 0.1.1 and earlier stores AsakusaSatellite API keys unencrypted in jo…

EPSS
0.03%
First published (updated )

JenkinsJenkins AsakusaSatellite Plugin 0.1.1 and earlier does not mask AsakusaSatellite API keys displayed …

EPSS
0.03%
First published (updated )

Jenkins LTSJenkins User Interface (UI) Information Disclosure Vulnerability

First published (updated )

maven/org.jenkins-ci.main:jenkins-corePath Traversal

First published (updated )

maven/org.jenkins-ci.main:jenkins-coreXSS

3.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Jenkins LTSXSS

2.1
First published (updated )

Jenkins SSH AgentWeak RNG

EPSS
0.04%
First published (updated )

Jenkins SSH SlaveWeak RNG

EPSS
0.04%
First published (updated )

Vulnerabilities in Jenkins Docker images

First published (updated )

maven/org.jvnet.hudson.plugins:mstestXEE

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203