Jenkins github plugin
This hub aggregates every CVE we track for Jenkins github plugin, a product in the devtools/CI space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 3
- Critical: 1
- High: 0
- In CISA KEV: 0
Severity distribution
- MEDIUM: 2
- CRITICAL: 1
Monthly trend (chart, 2024-07 to 2026-06)
Latest CVEs
The 3 most recently published vulnerabilities affecting Jenkins github plugin.
- CVE-2026-42523 (score 9.0): Jenkins GitHub Plugin 1.46.0 and earlier improperly processes the current job URL as part of JavaScript implementing validation of the feature "GitHub hook trigger for GITScm polling", resulting in...
- CVE-2023-46650 (score 5.4): Jenkins GitHub Plugin 1.37.3 and earlier does not escape the GitHub project URL on the build page when showing changes, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by...
- CVE-2022-36885 (score 5.3): Jenkins GitHub Plugin 1.34.4 and earlier uses a non-constant time comparison function when checking whether the provided and computed webhook signatures are equal, allowing attackers to use statist...
Product normalization is registry-driven with AI assist and human review.