Kubernetes Jenkins Kubernetes

Do you want an email whenever new security vulnerabilities are reported in Jenkins Kubernetes?

By the Year

In 2023 there have been 0 vulnerabilities in Jenkins Kubernetes . Kubernetes did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2023 0 0.00
2022 0 0.00
2021 1 4.30
2020 3 4.30
2019 0 0.00
2018 2 7.65

It may take a day or so for new Kubernetes vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Jenkins Kubernetes Security Vulnerabilities

Jenkins Kubernetes CLI Plugin 1.10.0 and earlier does not perform permission checks in several HTTP endpoints

CVE-2021-21661 4.3 - Medium - June 10, 2021

Jenkins Kubernetes CLI Plugin 1.10.0 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

AuthZ

Jenkins Kubernetes Plugin 1.27.3 and earlier

CVE-2020-2307 4.3 - Medium - November 04, 2020

Jenkins Kubernetes Plugin 1.27.3 and earlier allows low-privilege users to access possibly sensitive Jenkins controller environment variables.

Information Disclosure

A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier

CVE-2020-2308 4.3 - Medium - November 04, 2020

A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to list global pod template names.

AuthZ

A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier

CVE-2020-2309 4.3 - Medium - November 04, 2020

A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

AuthZ

An exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.10.1 and earlier in KubernetesCloud.java

CVE-2018-1999040 8.8 - High - August 01, 2018

An exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.10.1 and earlier in KubernetesCloud.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins.

Information Disclosure

A exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.7.0 and older in ContainerExecDecorator.java

CVE-2018-1000187 6.5 - Medium - June 05, 2018

A exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.7.0 and older in ContainerExecDecorator.java that results in sensitive variables such as passwords being written to logs.

Information Disclosure

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Jenkins Kubernetes or by Jenkins? Click the Watch button to subscribe.

Jenkins
Vendor

subscribe