Vulnerabilities in Jenkins

12 results
CVE-2012-4438 (EPSS 2.4%): Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data a
CVE-2012-4440 (EPSS 1.9%): Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTM
CVE-2012-4441 (EPSS 1.9%): Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTM
CVE-2012-4439 (EPSS 1.8%): Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTM
CVE-2017-2651 (LOW, EPSS 1.6%): jenkins-mailer-plugin before version 1.20 is vulnerable to an information disclosure while using the feature to send emails to a dynamically
CVE-2017-2648 (MEDIUM, EPSS 1.4%): It was found that jenkins-ssh-slaves-plugin before version 1.15 did not perform host key verification, thereby enabling Man-in-the-Middle at
CVE-2023-2196 (MEDIUM, EPSS 1.0%): Missing permission checks in Code Dx Plugin
CVE-2023-2632 (MEDIUM, EPSS 0.6%): API keys stored and displayed in plain text by Code Dx Plugin
CVE-2023-2195 (MEDIUM, EPSS 0.4%): CSRF vulnerability and missing permission checks in Code Dx Plugin
CVE-2023-2633 (MEDIUM, EPSS 0.4%): API keys stored and displayed in plain text by Code Dx Plugin
CVE-2023-2631 (MEDIUM, EPSS 0.4%): CSRF vulnerability and missing permission checks in Code Dx Plugin
CVE-2024-9453 (MEDIUM, EPSS 0.3%): Jenkins-image: sensitive data disclosure when using openshift jenkins image