| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | CVE-2022-34793 | 611 | | | 2022-06-30 | 2022-07-08 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Jenkins Recipe Plugin 1.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. |
| 2 | CVE-2022-34792 | 352 | | CSRF | 2022-06-30 | 2022-07-08 | 6.0 | None | Remote | Medium | ??? | Partial | Partial | Partial | A cross-site request forgery (CSRF) vulnerability in Jenkins Recipe Plugin 1.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML. |
| 3 | CVE-2022-34203 | 352 | | CSRF | 2022-06-23 | 2022-06-29 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A cross-site request forgery (CSRF) vulnerability in Jenkins EasyQA Plugin 1.0 and earlier allows attackers to connect to an attacker-specified HTTP server. |
| 4 | CVE-2022-34200 | 352 | | CSRF | 2022-06-23 | 2022-10-07 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A cross-site request forgery (CSRF) vulnerability in Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier allows attackers to connect to an attacker-specified URL. |
| 5 | CVE-2022-34181 | 693 | | | 2022-06-23 | 2022-06-29 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | Jenkins xUnit Plugin 3.0.8 and earlier implements an agent-to-controller message that creates a user-specified directory if it doesn't exist and parses files inside it as test results, allowing attackers able to control agent processes to create an arbitrary directory on the Jenkins controller or to obtain test results from existing files in an attacker-specified directory. |
| 6 | CVE-2022-30972 | 352 | | CSRF | 2022-05-17 | 2022-05-25 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A cross-site request forgery (CSRF) vulnerability in Jenkins Storable Configs Plugin 1.0 and earlier allows attackers to have Jenkins parse a local XML file (e.g., archived artifacts) that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery. |
| 7 | CVE-2022-30971 | 611 | | | 2022-05-17 | 2022-05-25 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Jenkins Storable Configs Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. |
| 8 | CVE-2022-30969 | 352 | | Exec Code CSRF | 2022-05-17 | 2022-05-25 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A cross-site request forgery (CSRF) vulnerability in Jenkins Autocomplete Parameter Plugin 1.1 and earlier allows attackers to execute arbitrary code without sandbox protection if the victim is an administrator. |
| 9 | CVE-2022-30958 | 352 | | CSRF | 2022-05-17 | 2022-05-25 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A cross-site request forgery (CSRF) vulnerability in Jenkins SSH Plugin 2.6.1 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. |
| 10 | CVE-2022-30951 | 862 | | | 2022-05-17 | 2022-05-26 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library, which does not implement access control, potentially allowing users to start processes even if they're not allowed to log in. |
| 11 | CVE-2022-30950 | 120 | | Exec Code Overflow | 2022-05-17 | 2022-05-26 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library which has a buffer overflow vulnerability that may allow users able to connect to a named pipe to execute commands on the Windows agent machine. |
| 12 | CVE-2022-30945 | | | | 2022-05-17 | 2022-11-16 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | Jenkins Pipeline: Groovy Plugin 2689.v434009a_31b_f1 and earlier allows loading any Groovy source files on the classpath of Jenkins and Jenkins plugins in sandboxed pipelines. |
| 13 | CVE-2022-29050 | 352 | | CSRF | 2022-04-12 | 2022-04-20 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A cross-site request forgery (CSRF) vulnerability in Jenkins Publish Over FTP Plugin 1.16 and earlier allows attackers to connect to an FTP server using attacker-specified credentials. |
| 14 | CVE-2022-28150 | 352 | | CSRF | 2022-03-29 | 2022-04-05 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A cross-site request forgery (CSRF) vulnerability in Jenkins Job and Node ownership Plugin 0.13.0 and earlier allows attackers to change the owners and item-specific permissions of a job. |
| 15 | CVE-2022-28136 | 352 | | CSRF | 2022-03-29 | 2022-04-04 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A cross-site request forgery (CSRF) vulnerability in Jenkins JiraTestResultReporter Plugin 165.v817928553942 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials. |
| 16 | CVE-2022-27204 | 352 | | CSRF | 2022-03-15 | 2022-03-23 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A cross-site request forgery vulnerability in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier allows attackers to connect to an attacker-specified URL. |
| 17 | CVE-2022-27198 | 352 | | CSRF | 2022-03-15 | 2022-03-23 | 6.0 | None | Remote | Medium | ??? | Partial | Partial | Partial | A cross-site request forgery (CSRF) vulnerability in Jenkins CloudBees AWS Credentials Plugin 189.v3551d5642995 and earlier allows attackers with Overall/Read permission to connect to an AWS service using an attacker-specified token. |
| 18 | CVE-2022-25212 | 352 | | CSRF | 2022-02-15 | 2022-02-23 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A cross-site request forgery (CSRF) vulnerability in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers to connect to an attacker-specified web server using attacker-specified credentials. |
| 19 | CVE-2022-25211 | 862 | | | 2022-02-15 | 2022-02-23 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | A missing permission check in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server using attacker-specified credentials. |
| 20 | CVE-2022-25209 | 611 | | | 2022-02-15 | 2022-02-23 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Jenkins Chef Sinatra Plugin 1.20 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. |
| 21 | CVE-2022-25208 | 862 | | | 2022-02-15 | 2022-02-23 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | A missing permission check in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers with Overall/Read permission to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response. |
| 22 | CVE-2022-25207 | 352 | | CSRF | 2022-02-15 | 2022-02-23 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A cross-site request forgery (CSRF) vulnerability in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response. |
| 23 | CVE-2022-25206 | 862 | | | 2022-02-15 | 2022-02-23 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | A missing check in Jenkins dbCharts Plugin 0.5.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified database via JDBC using attacker-specified credentials. |
| 24 | CVE-2022-25205 | 352 | | CSRF | 2022-02-15 | 2022-02-23 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A cross-site request forgery (CSRF) vulnerability in Jenkins dbCharts Plugin 0.5.2 and earlier allows attackers to connect to an attacker-specified database via JDBC using attacker-specified credentials and to determine if a class is available in the Jenkins instance. |
| 25 | CVE-2022-25200 | 352 | | CSRF | 2022-02-15 | 2022-02-23 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A cross-site request forgery (CSRF) vulnerability in Jenkins Checkmarx Plugin 2022.1.2 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. |
| 26 | CVE-2022-25199 | 862 | | | 2022-02-15 | 2022-02-23 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | A missing permission check in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials. |
| 27 | CVE-2022-25198 | 352 | | CSRF | 2022-02-15 | 2022-02-23 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A cross-site request forgery (CSRF) vulnerability in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials. |
| 28 | CVE-2022-25194 | 352 | | CSRF | 2022-02-15 | 2022-02-23 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A cross-site request forgery (CSRF) vulnerability in Jenkins autonomiq Plugin 1.15 and earlier allows attackers to connect to an attacker-specified URL server using attacker-specified credentials. |
| 29 | CVE-2022-25192 | 352 | | CSRF | 2022-02-15 | 2022-10-28 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A cross-site request forgery (CSRF) vulnerability in Jenkins Snow Commander Plugin 1.10 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. |
| 30 | CVE-2022-25183 | | | Exec Code | 2022-02-15 | 2022-02-23 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the names of Pipeline libraries to create cache directories without any sanitization, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM using specially crafted library names if a global Pipeline library configured to use caching already exists. |
| 31 | CVE-2022-25182 | | | Exec Code Bypass | 2022-02-15 | 2022-02-23 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with Item/Configure permission to execute arbitrary code on the Jenkins controller JVM using specially crafted library names if a global Pipeline library is already configured. |
| 32 | CVE-2022-25181 | | | Exec Code Bypass | 2022-02-15 | 2022-02-23 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM through crafted SCM contents, if a global Pipeline library already exists. |
| 33 | CVE-2022-25175 | 78 | | | 2022-02-15 | 2022-10-28 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier uses the same checkout directories for distinct SCMs for the readTrusted step, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents. |
| 34 | CVE-2022-25174 | 78 | | | 2022-02-15 | 2022-02-23 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the same checkout directories for distinct SCMs for Pipeline libraries, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents. |
| 35 | CVE-2022-25173 | 78 | | | 2022-02-15 | 2022-02-23 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier uses the same checkout directories for distinct SCMs when reading the script file (typically Jenkinsfile) for Pipelines, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents. |
| 36 | CVE-2022-20617 | 78 | | Exec Code | 2022-01-12 | 2022-01-18 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Jenkins Docker Commons Plugin 1.17 and earlier does not sanitize the name of an image or a tag, resulting in an OS command execution vulnerability exploitable by attackers with Item/Configure permission or able to control the contents of a previously configured job's SCM repository. |
| 37 | CVE-2021-21697 | 184 | | | 2021-11-04 | 2021-11-08 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allows any agent to read and write the contents of any build directory stored in Jenkins with very few restrictions. |
| 38 | CVE-2021-21695 | 59 | | | 2021-11-04 | 2022-10-24 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | FilePath#listFiles lists files outside directories that agents are allowed to access when following symbolic links in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier. |
| 39 | CVE-2021-21689 | | | | 2021-11-04 | 2022-10-24 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | FilePath#unzip and FilePath#untar were not subject to any agent-to-controller access control in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier. |
| 40 | CVE-2021-21687 | 862 | | | 2021-11-04 | 2021-11-08 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not check agent-to-controller access to create symbolic links when unarchiving a symbolic link in FilePath#untar. |
| 41 | CVE-2021-21685 | 862 | | | 2021-11-04 | 2021-11-08 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not check agent-to-controller access to create parent directories in FilePath#mkdirs. |
| 42 | CVE-2021-21679 | | | Bypass CSRF | 2021-08-31 | 2022-10-25 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | Jenkins Azure AD Plugin 179.vf6841393099e and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins. |
| 43 | CVE-2021-21678 | | | Bypass CSRF | 2021-08-31 | 2022-10-25 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | Jenkins SAML Plugin 2.0.7 and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins. |
| 44 | CVE-2021-21677 | 502 | | Exec Code | 2021-08-31 | 2021-09-08 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Jenkins Code Coverage API Plugin 1.4.0 and earlier does not apply Jenkins JEP-200 deserialization protection to Java objects it deserializes from disk, resulting in a remote code execution vulnerability. |
| 45 | CVE-2021-21665 | 352 | | CSRF | 2021-06-10 | 2021-06-15 | 6.0 | None | Remote | Medium | ??? | Partial | Partial | Partial | A cross-site request forgery (CSRF) vulnerability in Jenkins XebiaLabs XL Deploy Plugin 10.0.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing Username/password credentials stored in Jenkins. |
| 46 | CVE-2021-21658 | 611 | | | 2021-05-25 | 2021-06-01 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | Jenkins Nuget Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. |
| 47 | CVE-2021-21657 | 611 | | | 2021-05-25 | 2021-06-01 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Jenkins Filesystem Trigger Plugin 0.40 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. |
| 48 | CVE-2021-21646 | 693 | | Exec Code | 2021-04-21 | 2021-04-26 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin, allowing attackers with Job/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM. |
| 49 | CVE-2021-21638 | 352 | | CSRF | 2021-03-30 | 2021-04-02 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A cross-site request forgery (CSRF) vulnerability in Jenkins Team Foundation Server Plugin 5.157.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. |
| 50 | CVE-2021-21633 | 352 | | CSRF | 2021-03-30 | 2021-04-02 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A cross-site request forgery (CSRF) vulnerability in Jenkins OWASP Dependency-Track Plugin 3.1.0 and earlier allows attackers to connect to an attacker-specified URL, capturing credentials stored in Jenkins. |