CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Jenkins : Security Vulnerabilities (CVSS score between 5 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-34180 862 2022-06-23 2022-06-29
5.0
None Remote Low Not required Partial None None
Jenkins Embeddable Build Status Plugin 2.0.3 and earlier does not correctly perform the ViewStatus permission check in the HTTP endpoint it provides for "unprotected" status badge access, allowing attackers without any permissions to obtain the build status badge icon for any attacker-specified job and/or build.
2 CVE-2022-34179 22 Dir. Trav. 2022-06-23 2022-06-29
5.0
None Remote Low Not required Partial None None
Jenkins Embeddable Build Status Plugin 2.0.3 and earlier allows specifying a `style` query parameter that is used to choose a different SVG image style without restricting possible values, resulting in a relative path traversal vulnerability that allows attackers without Overall/Read permission to specify paths to other SVG images on the Jenkins controller file system.
3 CVE-2022-34177 22 Dir. Trav. 2022-06-23 2022-06-29
5.0
None Remote Low Not required None Partial None
Jenkins Pipeline: Input Step Plugin 448.v37cea_9a_10a_70 and earlier archives files uploaded for `file` parameters for Pipeline `input` steps on the controller as part of build metadata, using the parameter name without sanitization as a relative path inside a build-related directory, allowing attackers able to configure Pipelines to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content.
4 CVE-2022-34175 Bypass 2022-06-23 2022-10-20
5.0
None Remote Low Not required Partial None None
Jenkins 2.335 through 2.355 (both inclusive) allows attackers in some cases to bypass a protection mechanism, thereby directly accessing some view fragments containing sensitive information, bypassing any permission checks in the corresponding view.
5 CVE-2022-34174 203 2022-06-23 2022-06-29
5.0
None Remote Low Not required Partial None None
In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm.
6 CVE-2022-30949 +Info 2022-05-17 2022-05-26
5.0
None Remote Low Not required Partial None None
Jenkins REPO Plugin 1.14.0 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system using local paths as SCM URLs, obtaining limited information about other projects' SCM contents.
7 CVE-2022-30948 +Info 2022-05-17 2022-05-26
5.0
None Remote Low Not required Partial None None
Jenkins Mercurial Plugin 2.16 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system using local paths as SCM URLs, obtaining limited information about other projects' SCM contents.
8 CVE-2022-30947 +Info 2022-05-17 2022-05-26
5.0
None Remote Low Not required Partial None None
Jenkins Git Plugin 4.11.1 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system using local paths as SCM URLs, obtaining limited information about other projects' SCM contents.
9 CVE-2022-29047 863 2022-04-12 2022-04-20
5.0
None Remote Low Not required None Partial None
Jenkins Pipeline: Shared Groovy Libraries Plugin 564.ve62a_4eb_b_e039 and earlier, except 2.21.3, allows attackers able to submit pull requests (or equivalent), but not able to commit directly to the configured SCM, to effectively change the Pipeline behavior by changing the definition of a dynamically retrieved library in their pull request, even if the Pipeline is configured to not trust them.
10 CVE-2022-28155 611 2022-03-29 2022-04-04
5.5
None Remote Low ??? Partial Partial None
Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
11 CVE-2022-28154 611 2022-03-29 2022-04-04
5.5
None Remote Low ??? Partial Partial None
Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
12 CVE-2022-28140 611 2022-03-29 2022-04-04
5.5
None Remote Low ??? Partial Partial None
Jenkins Flaky Test Handler Plugin 1.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
13 CVE-2022-28134 862 2022-03-29 2022-04-04
5.5
None Remote Low ??? Partial Partial None
Jenkins Bitbucket Server Integration Plugin 3.1.0 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to create, view, and delete BitBucket Server consumers.
14 CVE-2022-25204 2022-02-15 2022-02-23
5.5
None Remote Low ??? Partial Partial None
Jenkins Doktor Plugin 0.4.1 and earlier implements functionality that allows agent processes to render files on the controller as Markdown or Asciidoc, and error messages allow attackers able to control agent processes to determine whether a file with a given name exists.
15 CVE-2022-23117 269 2022-01-12 2022-01-19
5.0
None Remote Low Not required Partial None None
Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to retrieve all username/password credentials stored on the Jenkins controller.
16 CVE-2022-23116 311 2022-01-12 2022-01-18
5.0
None Remote Low Not required Partial None None
Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to decrypt secrets stored in Jenkins obtained through another method.
17 CVE-2022-23115 352 CSRF 2022-01-12 2022-01-18
5.8
None Remote Medium Not required Partial Partial None
Cross-site request forgery (CSRF) vulnerabilities in Jenkins batch task Plugin 1.19 and earlier allows attackers with Overall/Read access to retrieve logs, build or delete a batch task.
18 CVE-2022-23107 22 Dir. Trav. 2022-01-12 2022-03-23
5.5
None Remote Low ??? Partial Partial None
Jenkins Warnings Next Generation Plugin 9.10.2 and earlier does not restrict the name of a file when configuring custom ID, allowing attackers with Item/Configure permission to write and read specific files with a hard-coded suffix on the Jenkins controller file system.
19 CVE-2022-23106 203 2022-01-12 2022-01-18
5.0
None Remote Low Not required Partial None None
Jenkins Configuration as Code Plugin 1.55 and earlier used a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token.
20 CVE-2022-20619 352 CSRF 2022-01-12 2022-01-20
5.8
None Remote Medium Not required Partial Partial None
A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
21 CVE-2022-2048 400 DoS 2022-07-07 2022-10-25
5.0
None Remote Low Not required None None Partial
In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests.
22 CVE-2022-0538 502 2022-02-09 2022-02-11
5.0
None Remote Low Not required None None Partial
Jenkins 2.333 and earlier, LTS 2.319.2 and earlier defines custom XStream converters that have not been updated to apply the protections for the vulnerability CVE-2021-43859 and allow unconstrained resource usage.
23 CVE-2021-43578 693 2021-11-12 2021-11-17
5.5
None Remote Low ??? None Partial Partial
Jenkins Squash TM Publisher (Squash4Jenkins) Plugin 1.0.0 and earlier implements an agent-to-controller message that does not implement any validation of its input, allowing attackers able to control agent processes to replace arbitrary files on the Jenkins controller file system with an attacker-controlled JSON string.
24 CVE-2021-43577 611 2021-11-12 2021-11-17
5.5
None Remote Low ??? Partial Partial None
Jenkins OWASP Dependency-Check Plugin 5.1.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
25 CVE-2021-21698 22 Dir. Trav. 2021-11-04 2021-11-08
5.0
None Remote Low Not required Partial None None
Jenkins Subversion Plugin 2.15.0 and earlier does not restrict the name of a file when looking up a subversion key file on the controller from an agent.
26 CVE-2021-21688 862 2021-11-04 2021-11-05
5.0
None Remote Low Not required Partial None None
The agent-to-controller security check FilePath#reading(FileVisitor) in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not reject any operations, allowing users to have unrestricted read access using certain operations (creating archives, FilePath#copyRecursiveTo).
27 CVE-2021-21686 59 2021-11-04 2021-11-08
5.8
None Remote Medium Not required Partial Partial None
File path filters in the agent-to-controller security subsystem of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier do not canonicalize paths, allowing operations to follow symbolic links to outside allowed directories.
28 CVE-2021-21680 611 2021-08-31 2021-09-07
5.5
None Remote Low ??? Partial Partial None
Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity (XXE) attacks.
29 CVE-2021-21673 601 2021-06-30 2021-07-06
5.8
None Remote Medium Not required Partial Partial None
Jenkins CAS Plugin 1.6.0 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks.
30 CVE-2021-21671 384 2021-06-30 2021-07-06
5.1
None Remote High Not required Partial Partial Partial
Jenkins 2.299 and earlier, LTS 2.289.1 and earlier does not invalidate the previous session on login.
31 CVE-2021-21659 611 2021-05-25 2021-05-28
5.5
None Remote Low ??? Partial None Partial
Jenkins URLTrigger Plugin 0.48 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
32 CVE-2021-21656 611 2021-05-11 2021-05-19
5.5
None Remote Low ??? Partial Partial None
Jenkins Xcode integration Plugin 2.0.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
33 CVE-2021-21655 352 CSRF 2021-05-11 2021-05-20
5.8
None Remote Medium Not required Partial Partial None
A cross-site request forgery (CSRF) vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password.
34 CVE-2021-21652 352 CSRF 2021-05-11 2023-01-30
5.8
None Remote Medium Not required Partial Partial None
A cross-site request forgery (CSRF) vulnerability in Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
35 CVE-2021-21644 352 CSRF 2021-04-21 2021-04-26
5.8
None Remote Medium Not required None Partial Partial
A cross-site request forgery (CSRF) vulnerability in Jenkins Config File Provider Plugin 3.7.0 and earlier allows attackers to delete configuration files corresponding to an attacker-specified ID.
36 CVE-2021-21642 611 2021-04-21 2021-04-23
5.5
None Remote Low ??? Partial Partial None
Jenkins Config File Provider Plugin 3.7.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
37 CVE-2021-21621 200 +Info 2021-02-24 2022-10-25
5.0
None Remote Low Not required Partial None None
Jenkins Support Core Plugin 2.72 and earlier provides the serialized user authentication as part of the "About user (basic authentication details only)" information, which can include the session ID of the user creating the support bundle in some configurations.
38 CVE-2021-21609 863 2021-01-13 2021-01-15
5.0
None Remote Low Not required Partial None None
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not correctly match requested URLs to the list of always accessible paths, allowing attackers without Overall/Read permission to access some URLs as if they did have Overall/Read permission.
39 CVE-2020-2324 611 2020-12-03 2020-12-07
5.0
None Remote Low Not required Partial None None
Jenkins CVS Plugin 2.16 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
40 CVE-2020-2321 352 CSRF 2020-12-03 2020-12-04
5.8
None Remote Medium Not required None Partial Partial
A cross-site request forgery (CSRF) vulnerability in Jenkins Shelve Project Plugin 3.0 and earlier allows attackers to shelve, unshelve, or delete a project.
41 CVE-2020-2288 185 Bypass 2020-10-08 2020-10-09
5.0
None Remote Low Not required None Partial None
In Jenkins Audit Trail Plugin 3.6 and earlier, the default regular expression pattern could be bypassed in many cases by adding a suffix to the URL that would be ignored during request handling.
42 CVE-2020-2287 435 Bypass 2020-10-08 2020-10-16
5.0
None Remote Low Not required None Partial None
Jenkins Audit Trail Plugin 3.6 and earlier applies pattern matching to a different representation of request URL paths than the Stapler web framework uses for dispatching requests, which allows attackers to craft URLs that bypass request logging of any target URL.
43 CVE-2020-2284 611 2020-09-23 2020-09-28
5.5
None Remote Low ??? Partial Partial None
Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
44 CVE-2020-2281 352 CSRF 2020-09-23 2020-09-28
5.8
None Remote Medium Not required None Partial Partial
A cross-site request forgery (CSRF) vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources.
45 CVE-2020-2253 295 2020-09-16 2020-09-18
5.8
None Remote Medium Not required Partial Partial None
Jenkins Email Extension Plugin 2.75 and earlier does not perform hostname validation when connecting to the configured SMTP server.
46 CVE-2020-2252 295 2020-09-16 2020-09-18
5.8
None Remote Medium Not required Partial Partial None
Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server.
47 CVE-2020-2245 611 2020-09-01 2020-09-04
5.5
None Remote Low ??? Partial Partial None
Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
48 CVE-2020-2232 319 2020-08-12 2020-08-13
5.0
None Remote Low Not required Partial None None
Jenkins Email Extension Plugin 2.72 and 2.73 transmits and displays the SMTP password in plain text as part of the global Jenkins configuration form, potentially resulting in its exposure.
49 CVE-2020-2204 862 2020-07-02 2020-07-15
5.5
None Remote Low ??? Partial Partial None
A missing permission check in Jenkins Fortify on Demand Plugin 5.0.1 and earlier allows attackers with Overall/Read permission to connect to the globally configured Fortify on Demand endpoint using attacker-specified credentials IDs.
50 CVE-2020-2178 611 2020-04-16 2020-04-27
5.5
None Remote Low ??? Partial Partial None
Jenkins Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
Total number of vulnerabilities : 140   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.