Jenkins Project 厂商相关 1473 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。
Jenkins 是一款广泛使用的开源自动化服务器,核心用途为支持持续集成与持续交付(CI/CD)流程。截至最新统计,该项目已收录 1473 条 CVE,历史上常见漏洞类型包括远程代码执行(RCE)、跨站脚本(XSS)及权限绕过等,多源于插件缺陷或配置不当。其安全特性强调插件生态管理,重大事件涉及多次因默认配置或旧版本组件引发的严重数据泄露风险,建议用户定期更新并严格审查插件权限。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2023-24454 | Jenkins Plugin TestQuality Updater 安全漏洞 — Jenkins TestQuality Updater Plugin | 5.5 | - | 2023-01-24 |
| CVE-2023-24453 | Jenkins Plugin TestQuality Updater 安全漏洞 — Jenkins TestQuality Updater Plugin | 6.5 | - | 2023-01-24 |
| CVE-2023-24452 | Jenkins Plugin TestQuality Updater 跨站请求伪造漏洞 — Jenkins TestQuality Updater Plugin | 8.1 | - | 2023-01-24 |
| CVE-2023-24451 | Jenkins Plugin Cisco Spark Notifier 安全漏洞 — Jenkins Cisco Spark Notifier Plugin | 4.3 | - | 2023-01-24 |
| CVE-2023-24449 | Jenkins Plugin PWauth Security Realm 路径遍历漏洞 — Jenkins PWauth Security Realm Plugin | 4.3 | - | 2023-01-24 |
| CVE-2023-24448 | Jenkins Plugin RabbitMQ Consumer 安全漏洞 — Jenkins RabbitMQ Consumer Plugin | 6.5 | - | 2023-01-24 |
| CVE-2023-24447 | Jenkins Plugin RabbitMQ Consumer 跨站请求伪造漏洞 — Jenkins RabbitMQ Consumer Plugin | 6.5 | - | 2023-01-24 |
| CVE-2023-24446 | Jenkins Plugin OpenID 跨站请求伪造漏洞 — Jenkins OpenID Plugin | 8.8 | - | 2023-01-24 |
| CVE-2023-24445 | Jenkins Plugin OpenID 输入验证错误漏洞 — Jenkins OpenID Plugin | 5.4 | - | 2023-01-24 |
| CVE-2023-24444 | Jenkins Plugin OpenID 安全漏洞 — Jenkins OpenID Plugin | 9.8 | - | 2023-01-24 |
| CVE-2023-24443 | Jenkins Plugin TestComplete support 代码问题漏洞 — Jenkins TestComplete support Plugin | 9.1 | - | 2023-01-24 |
| CVE-2023-24450 | Jenkins Plugin view-cloner 安全漏洞 — Jenkins view-cloner Plugin | 6.5 | - | 2023-01-24 |
| CVE-2022-46684 | Jenkins Checkmarx Plugin 跨站脚本漏洞 — Jenkins Checkmarx Plugin | 5.4 | - | 2022-12-07 |
| CVE-2022-46682 | Jenkins Plot Plugin 代码问题漏洞 — Jenkins Plot Plugin | 8.1 | - | 2022-12-07 |
| CVE-2022-46683 | Jenkins Google Login Plugin 输入验证错误漏洞 — Jenkins Google Login Plugin | 6.1 | - | 2022-12-07 |
| CVE-2022-46685 | Jenkins Gitea Plugin 安全漏洞 — Jenkins Gitea Plugin | 5.3 | - | 2022-12-07 |
| CVE-2022-46687 | Jenkins Spring Config Plugin 跨站脚本漏洞 — Jenkins Spring Config Plugin | 5.4 | - | 2022-12-07 |
| CVE-2022-46688 | Jenkins Sonar Gerrit Plugin 跨站请求伪造漏洞 — Jenkins Sonar Gerrit Plugin | 8.8 | - | 2022-12-07 |
| CVE-2022-46686 | Jenkins Custom Build Properties Plugin 跨站脚本漏洞 — Jenkins Custom Build Properties Plugin | 5.4 | - | 2022-12-07 |
| CVE-2022-45389 | Jenkins Plugin XP-Dev 安全漏洞 — Jenkins XP-Dev Plugin | 7.5 | - | 2022-11-15 |
| CVE-2022-45388 | Jenkins Plugin Config Rotator 路径遍历漏洞 — Jenkins Config Rotator Plugin | 7.5 | - | 2022-11-15 |
| CVE-2022-45387 | Jenkins Plugin BART 跨站脚本漏洞 — Jenkins BART Plugin | 5.4 | - | 2022-11-15 |
| CVE-2022-45386 | Jenkins Plugin Violations 代码问题漏洞 — Jenkins Violations Plugin | 9.1 | - | 2022-11-15 |
| CVE-2022-45385 | Jenkins Plugin CloudBees Docker Hub/Registry Notification 安全漏洞 — Jenkins CloudBees Docker Hub/Registry Notification Plugin | 7.5 | - | 2022-11-15 |
| CVE-2022-45384 | Jenkins Plugin Reverse Proxy Auth 安全漏洞 — Jenkins Reverse Proxy Auth Plugin | 6.5 | - | 2022-11-15 |
| CVE-2022-45380 | Jenkins Plugin JUnit 跨站脚本漏洞 — Jenkins JUnit Plugin | 5.4 | - | 2022-11-15 |
| CVE-2022-38666 | Jenkins NS-ND Integration Performance Publisher Plugin 信任管理问题漏洞 — Jenkins NS-ND Integration Performance Publisher Plugin | 5.3 | - | 2022-11-15 |
| CVE-2022-45379 | Jenkins Plugin Script Security 加密问题漏洞 — Jenkins Script Security Plugin | 8.1 | - | 2022-11-15 |
| CVE-2022-45383 | Jenkins Plugin Support Core 安全漏洞 — Jenkins Support Core Plugin | 6.5 | - | 2022-11-15 |
| CVE-2022-45381 | Jenkins Plugin Pipeline Utility Steps 路径遍历漏洞 — Jenkins Pipeline Utility Steps Plugin | 6.5 | - | 2022-11-15 |
本页汇总了 Jenkins Project 厂商截至目前公开的全部 1473 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。