CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

81 matches found

CNNVD•added 2024/03/06 12:0 a.m.•3 views

Jenkins HTML Publisher Plugin Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability ...

4.3CVSS6.5AI score0.00939EPSS

Exploits0References3

RedHat Linux•added 2024/02/12 10:46 a.m.•1 views

Jenkins: Temporary file parameter created with insecure permissions

A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI’s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the defau...

4.4CVSS7.3AI score0.00244EPSS

Exploits0References5

RedHat Linux•added 2024/02/12 10:38 a.m.•3 views

jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin

A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin display an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available. This flaw exposes information about the Jenkins controller fi...

4.3CVSS5.7AI score0.00533EPSS

Exploits0References5

RedHat Linux•added 2024/02/12 10:27 a.m.•4 views

jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin

4.3CVSS5.7AI score0.00533EPSS

Exploits0References5

Veracode•added 2024/01/31 6:55 a.m.•39 views

Arbitrary File Read

Jenkins-core is vulnerable to Arbitrary File Read. The vulnerable is due to the command parser improperly substituting the @ character followed by a file path in an argument with the content of the specified file. This flaw allows unauthenticated attackers to read arbitrary files on the Jenkins...

9.8CVSS6.7AI score0.99999EPSS

Exploits45References7Affected Software1

CNNVD•added 2024/01/24 12:0 a.m.•3 views

Jenkins Plugin Git server security vulnerability

6.5CVSS6.9AI score0.01262EPSS

Exploits0References5

CNNVD•added 2024/01/24 12:0 a.m.•4 views

Jenkins Security Vulnerabilities

Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins 2.441 and earlier, LTS 2.426.2 and earlier, which stems from a vulnerability...

9.8CVSS6.8AI score0.99999EPSS

Exploits45References8

CNNVD•added 2024/01/24 12:0 a.m.•4 views

Jenkins Plugin Matrix Project Security Vulnerability

4.3CVSS6.8AI score0.00691EPSS

Exploits0References5

CNNVD•added 2024/01/24 12:0 a.m.•2 views

Jenkins Plugin Log Command Security Vulnerability

7.5CVSS7.1AI score0.00875EPSS

Exploits0References5

OSV•added 2023/12/13 6:15 p.m.•2 views

CVE-2023-50764

Jenkins Scriptler Plugin 342.v6a89fd40f466 and earlier does not restrict a file name query parameter in an HTTP endpoint, allowing attackers with Scriptler/Configure permission to delete arbitrary files on the Jenkins controller file system...

8.1CVSS5.9AI score0.00842EPSS

Exploits0References2

CNNVD•added 2023/12/13 12:0 a.m.•3 views

Jenkins OpenId Connect Authentication Plugin Security Vulnerability

6.7CVSS6.7AI score0.00286EPSS

Exploits0References4

CNNVD•added 2023/09/20 12:0 a.m.•4 views

Jenkins Code Issues Vulnerabilities

Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. Jenkins has a security vulnerability that stems from the use of the Stapler Web framework to handle file uploads creates...

8.1CVSS6.8AI score0.008EPSS

Exploits0References4

OSV•added 2023/07/12 4:15 p.m.•2 views

CVE-2023-37960

Jenkins MathWorks Polyspace Plugin 1.0.5 and earlier allows attackers with Item/Configure permission to send emails with arbitrary files from the Jenkins controller file systems...

6.5CVSS5.9AI score0.00955EPSS

Exploits0References2

CNNVD•added 2023/07/12 12:0 a.m.•4 views

Jenkins Plugin Benchmark Evaluator 跨站请求伪造漏洞

8.8CVSS8AI score0.00423EPSS

Exploits0References3

CNNVD•added 2023/07/12 12:0 a.m.•3 views

Jenkins Plugin Benchmark Evaluator 安全漏洞

5.4CVSS5.8AI score0.00422EPSS

Exploits0References3

RedHat Linux•added 2023/01/12 4:49 p.m.•5 views

plugin: Mercurial SCM plugin can check out from the controller file system

A flaw was found in the Jenkins plugin. Affected versions of the Jenkins Mercurial Plugin allow attackers who can configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system. This is accomplished by using local paths as SCM URLs, obtaining limited...

7.5CVSS5.8AI score0.01295EPSS

Exploits0References5

CNNVD•added 2022/09/21 12:0 a.m.•3 views

Jenkins CONS3RT Plugin 安全漏洞

6.5CVSS6.5AI score0.00658EPSS

Exploits0References4

OSV•added 2022/07/27 3:15 p.m.•1 views

CVE-2022-36913

Jenkins Openstack Heat Plugin 1.5 and earlier does not perform permission checks in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...

4.3CVSS5.8AI score

Exploits0References2

CNNVD•added 2022/07/27 12:0 a.m.•4 views

Jenkins Repository Connector Plugin 安全漏洞

4.3CVSS5.2AI score0.00561EPSS

Exploits0References6

CNNVD•added 2022/07/27 12:0 a.m.•9 views

Jenkins CLIF Performance Testing Plugin 路径遍历漏洞

6.5CVSS6.8AI score0.00651EPSS

Exploits0References6

Rows per page