Jenkins Luki w zabezpieczeniach

Oś czasu

Ostatni rok

Wersja

2.0	36
2.1	36
2.2	35
2.43	33
2.3	27

Przeciwdziałanie

Official Fix	129
Temporary Fix	0
Workaround	1
Unavailable	0
Not Defined	134

Wykorzystywanie

High	3
Functional	0
Proof-of-Concept	5
Unproven	0
Not Defined	256

Wektor dostępu

Not Defined	0
Physical	0
Local	6
Adjacent	41
Network	217

Uwierzytelnianie

Not Defined	0
High	6
Low	143
None	115

Interakcja z użytkownikiem

Not Defined	0
Required	109
None	155

CVSSv3 Base

≤1	0
≤2	0
≤3	1
≤4	13
≤5	87
≤6	87
≤7	41
≤8	26
≤9	6
≤10	3

CVSSv3 Temp

≤1	0
≤2	0
≤3	1
≤4	13
≤5	88
≤6	96
≤7	40
≤8	18
≤9	6
≤10	2

VulDB

≤1	0
≤2	0
≤3	4
≤4	56
≤5	63
≤6	70
≤7	39
≤8	25
≤9	4
≤10	3

NVD

≤1	0
≤2	0
≤3	1
≤4	2
≤5	36
≤6	59
≤7	35
≤8	21
≤9	29
≤10	7

CNA

≤1	0
≤2	0
≤3	1
≤4	3
≤5	7
≤6	4
≤7	2
≤8	0
≤9	1
≤10	0

Sprzedawca

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	81
<2k	131
<5k	52
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Wykorzystaj dzisiaj

<1k	260
<2k	4
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Affected Versions (266): 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12, 1.13, 1.14, 1.15, 1.16, 1.17, 1.18, 1.19, 1.20, 1.21, 1.22, 1.23, 1.24, 1.25, 1.26, 1.27, 1.28, 1.29, 1.30, 1.31, 1.32, 1.33, 1.34, 1.35, 1.36, 1.37, 1.309, 1.399, 1.423, 1.424, 1.424.0.1, 1.424.1, 1.424.2, 1.424.3, 1.424.4, 1.466, 1.480, 1.481, 1.497, 1.509, 1.513, 1.523, 1.532.1, 1.549, 1.550, 1.585, 1.586, 1.625, 1.625.1, 1.637, 1.639, 1.649, 2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 2.8, 2.9, 2.10, 2.11, 2.12, 2.13, 2.14, 2.15, 2.16, 2.17, 2.18, 2.19, 2.20, 2.21, 2.22, 2.23, 2.24, 2.25, 2.26, 2.27, 2.28, 2.29, 2.30, 2.31, 2.32, 2.32.1, 2.33, 2.34, 2.35, 2.36, 2.37, 2.38, 2.39, 2.40, 2.41, 2.42, 2.43, 2.44, 2.45, 2.46, 2.46.1, 2.47, 2.48, 2.49, 2.50, 2.51, 2.52, 2.53, 2.54, 2.55, 2.56, 2.57, 2.58, 2.59, 2.60, 2.61, 2.62, 2.63, 2.64, 2.65, 2.66, 2.67, 2.68, 2.69, 2.70, 2.71, 2.72, 2.73, 2.73.1, 2.73.2, 2.74, 2.75, 2.76, 2.77, 2.78, 2.79, 2.80, 2.81, 2.82, 2.83, 2.84, 2.85, 2.86, 2.87, 2.88, 2.89, 2.89.1, 2.90, 2.91, 2.92, 2.93, 2.94, 2.106, 2.115, 2.120, 2.121, 2.121.1, 2.121.2, 2.132, 2.137, 2.145, 2.150.1, 2.150.2.3, 2.153, 2.158, 2.159, 2.170, 2.171, 2.185, 2.191, 2.196, 2.213, 2.218, 2.227, 2.244, 2.251, 2.274, 2.275, 2.286, 2.299, 2.314, 2.318, 2.319, 2.319.1, 2.319.2, 2.329, 2.355, 2.367, 2.368, 2.369, 2.399, 2.415, 2.423, 2.426, 2.426.1, 2.426.2, 2.441, LTE 2.107, LTE 2.107.1, LTS 1.466, LTS 1.466.1, LTS 1.651, LTS 1.651.1, LTS 2.89, LTS 2.89.1, LTS 2.89.2, LTS 2.89.3, LTS 2.107, LTS 2.107.1, LTS 2.107.2, LTS 2.138, LTS 2.138.1, LTS 2.138.2, LTS 2.138.3, LTS 2.176, LTS 2.176.1, LTS 2.176.2, LTS 2.176.3, LTS 2.204, LTS 2.204.1, LTS 2.204.2, LTS 2.204.3, LTS 2.204.4, LTS 2.204.5, LTS 2.235, LTS 2.235.1, LTS 2.235.2, LTS 2.235.3, LTS 2.263, LTS 2.263.1, LTS 2.263.2, LTS 2.277, LTS 2.277.1, LTS 2.289, LTS 2.289.1, LTS 2.303, LTS 2.303.1, LTS 2.303.2, LTS 2.319, LTS 2.319.1, LTS 2.332, LTS 2.332.1, LTS 2.332.2, LTS 2.332.3, LTS 2.333, LTS 2.387, LTS 2.387.1, LTS 2.387.2, LTS 2.387.3, LTS 2.401, LTS 2.401.1, LTS 2.401.2, LTS 2.414, LTS 2.414.1

Typ oprogramowania: Continuous Integration Software

Opublikowano	Base	Temp	Słaby punkt	0day	Dzisiaj	Wyk	Prz	CTI	CVE
2024-01-24	7.5	7.4	Jenkins Command Line Interface weak authentication	$0-$5k	$0-$5k	Not Defined	Official Fix	0.20	CVE-2024-23898
2024-01-24	5.5	5.4	Jenkins Command Line Interface information disclosure	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2024-23897
2023-09-20	7.1	7.1	Jenkins Temporary Directory privilege escalation	$0-$5k	$0-$5k	Not Defined	Not Defined	0.03	CVE-2023-43496
2023-09-20	4.4	4.4	Jenkins Caption Parameter ExpandableDetailsNote cross site scripting	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2023-43495
2023-09-20	6.8	6.7	Jenkins MultipartFormDataParser privilege escalation	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2023-43498
2023-09-20	6.8	6.8	Jenkins Stapler Web Framework privilege escalation	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2023-43497
2023-09-20	3.9	3.9	Jenkins Build Variable privilege escalation	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02	CVE-2023-43494
2023-07-26	4.4	4.4	Jenkins URL cross site scripting	$0-$5k	$0-$5k	Not Defined	Not Defined	0.04	CVE-2023-39151
2023-06-14	5.5	5.5	Jenkins POST Request privilege escalation	$0-$5k	$0-$5k	Not Defined	Not Defined	0.03	CVE-2023-35141
2023-03-11	4.4	4.4	Jenkins Version cross site scripting	$0-$5k	$0-$5k	Not Defined	Not Defined	0.03	CVE-2023-27898
2023-03-11	6.1	6.1	Jenkins Local Privilege Escalation	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02	CVE-2023-27899
2023-03-11	4.4	4.4	Jenkins Agent Connection information disclosure	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2023-27904
2023-03-11	5.0	5.0	Jenkins CLI privilege escalation	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2023-27903
2023-03-11	5.5	5.5	Jenkins Job Workspace privilege escalation	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02	CVE-2023-27902
2023-03-11	5.5	5.5	Jenkins Apache Commons FileUpload denial of service	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02	CVE-2023-27901
2023-03-11	5.5	5.5	Jenkins Apache Commons FileUpload denial of service	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2023-27900
2022-09-22	4.4	4.4	Jenkins Tooltip cross site scripting	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2022-41224
2022-07-27	4.4	4.4	Maven Metadata Plugin for Jenkins CI Server URL Validation cross site scripting	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2022-36905
2022-06-24	4.4	4.4	Maven Metadata Plugin for Jenkins CI Server List Maven Artifact Versions cross site scripting	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2022-34190
2022-06-24	4.8	4.8	Jenkins Build Button cross site scripting	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2022-34173
2022-06-24	4.8	4.8	Jenkins Symbol-based Icons cross site scripting	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2022-34172
2022-06-24	4.8	4.8	Jenkins SVG Icon cross site scripting	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2022-34171
2022-06-24	4.8	4.8	Jenkins Help Icon cross site scripting	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2022-34170
2022-06-24	3.5	3.5	Jenkins Fragment privilege escalation	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2022-34175
2022-06-23	3.1	3.1	Jenkins Login Form information disclosure	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02	CVE-2022-34174

239 więcej wpisów nie jest pokazywanych

🔒 Login Required

You need to signup and login to see more of the remaining 239 results.

◂ PoprzedniPrzeglądKolejny ▸

Do you need the next level of professionalism?

Upgrade your account now!

Jenkins Luki w zabezpieczeniach

Oś czasu

Ostatni rok

Wersja

Przeciwdziałanie

Wykorzystywanie

Wektor dostępu

Uwierzytelnianie

Interakcja z użytkownikiem

C3BM Index

Ostatni rok

CVSSv3 Base

CVSSv3 Temp

VulDB

NVD

CNA

Sprzedawca

Research

Exploit 0-day

Wykorzystaj dzisiaj

Wykorzystaj wielkość rynku

Ostatni rok

🔴 CTI Zajęcia

🔒 Login Required

Do you need the next level of professionalism?