Jenkins Docker

Do you want an email whenever new security vulnerabilities are reported in Jenkins Docker?

By the Year

In 2023 there have been 0 vulnerabilities in Jenkins Docker . Docker did not have any published security vulnerabilities last year.

Year	Vulnerabilities	Average Score
2023	0	0.00
2022	0	0.00
2021	0	0.00
2020	0	0.00
2019	3	6.53
2018	0	0.00

It may take a day or so for new Docker vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Jenkins Docker Security Vulnerabilities

A cross-site request forgery vulnerability in Jenkins Docker Plugin 1.1.6 and earlier in DockerAPI.DescriptorImpl#doTestConnection

CVE-2019-10340 8.8 - High - July 11, 2019

A cross-site request forgery vulnerability in Jenkins Docker Plugin 1.1.6 and earlier in DockerAPI.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

Session Riding

A missing permission check in Jenkins Docker Plugin 1.1.6 and earlier in DockerAPI.DescriptorImpl#doTestConnection

CVE-2019-10341 6.5 - Medium - July 11, 2019

A missing permission check in Jenkins Docker Plugin 1.1.6 and earlier in DockerAPI.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

Information Disclosure

A missing permission check in Jenkins Docker Plugin 1.1.6 and earlier in various 'fillCredentialsIdItems' methods

CVE-2019-10342 4.3 - Medium - July 11, 2019

A missing permission check in Jenkins Docker Plugin 1.1.6 and earlier in various 'fillCredentialsIdItems' methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.

Information Disclosure

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Jenkins Docker or by Jenkins? Click the Watch button to subscribe.

Jenkins
Vendor

Jenkins Docker
Product

By the Year

Recent Jenkins Docker Security Vulnerabilities

A cross-site request forgery vulnerability in Jenkins Docker Plugin 1.1.6 and earlier in DockerAPI.DescriptorImpl#doTestConnection CVE-2019-10340 8.8 - High - July 11, 2019

A missing permission check in Jenkins Docker Plugin 1.1.6 and earlier in DockerAPI.DescriptorImpl#doTestConnection CVE-2019-10341 6.5 - Medium - July 11, 2019

A missing permission check in Jenkins Docker Plugin 1.1.6 and earlier in various 'fillCredentialsIdItems' methods CVE-2019-10342 4.3 - Medium - July 11, 2019