jenkins-ci

Top products

The 5 most recently published vulnerabilities affecting jenkins-ci.

• CVE-2014-3679The Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to obtain sensitive information by accessing unspecified pages.5.0Oct 16, 2014
• CVE-2014-3678Cross-site scripting (XSS) vulnerability in the Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.4.3Oct 10, 2014
• CVE-2013-6372The Subversion plugin before 1.54 for Jenkins stores credentials using base64 encoding, which allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file.2.1May 8, 2014
• CVE-2013-6374Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer plugin before 1.5.1 for Jenkins allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.3.5Nov 25, 2013
• CVE-2013-6373The Exclusion plugin before 0.9 for Jenkins does not properly prevent access to resource locks, which allows remote authenticated users to list and release resources via unspecified vectors.5.5Nov 25, 2013