Vulmon
jenkins vulnerabilities and exploits
6.8
CVSSv2
CVE-2022-30969
A cross-site request forgery (CSRF) vulnerability in Jenkins Autocomplete Parameter Plugin 1.1 and previous versions allows malicious users to execute arbitrary code without sandbox protection if the victim is an administrator.
Jenkins Autocomplete Parameter
6.8
CVSSv2
CVE-2022-30972
A cross-site request forgery (CSRF) vulnerability in Jenkins Storable Configs Plugin 1.0 and previous versions allows malicious users to have Jenkins parse a local XML file (e.g., archived artifacts) that uses external entities for extraction of secrets from the Jenkins controlle...
Jenkins Storage Configs
6.8
CVSSv2
CVE-2022-30945
Jenkins Pipeline: Groovy Plugin 2689.v434009a_31b_f1 and previous versions allows loading any Groovy source files on the classpath of Jenkins and Jenkins plugins in sandboxed pipelines.
Jenkins Pipeline: Groovy
6.8
CVSSv2
CVE-2022-1304
An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.
E2fsprogs Project E2fsprogs 1.46.5
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 35
6.8
CVSSv2
CVE-2022-29050
A cross-site request forgery (CSRF) vulnerability in Jenkins Publish Over FTP Plugin 1.16 and previous versions allows malicious users to connect to an FTP server using attacker-specified credentials.
Jenkins Publish Over Ftp
6.8
CVSSv2
CVE-2022-28136
A cross-site request forgery (CSRF) vulnerability in Jenkins JiraTestResultReporter Plugin 165.v817928553942 and previous versions allows malicious users to connect to an attacker-specified URL using attacker-specified credentials.
Jenkins Jiratestresultreporter
6.8
CVSSv2
CVE-2022-28150
A cross-site request forgery (CSRF) vulnerability in Jenkins Job and Node ownership Plugin 0.13.0 and previous versions allows malicious users to change the owners and item-specific permissions of a job.
Jenkins Job And Node Ownership
6.8
CVSSv2
CVE-2022-27204
A cross-site request forgery vulnerability in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and previous versions allows malicious users to connect to an attacker-specified URL.
Jenkins Extended Choice Parameter
6.8
CVSSv2
CVE-2022-25192
A cross-site request forgery (CSRF) vulnerability in Jenkins Snow Commander Plugin 1.10 and previous versions allows malicious users to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials store...
Jenkins Snow Commander
6.8
CVSSv2
CVE-2022-25200
A cross-site request forgery (CSRF) vulnerability in Jenkins Checkmarx Plugin 2022.1.2 and previous versions allows malicious users to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored...
Jenkins Checkmarx