- What is the jenkins CNA?
- jenkins is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 1,454 CVE records since 2019.
- How many CVEs has jenkins published?
- jenkins has published 1,454 CVE records, including 137 in the last two years.
- What is jenkins's CVE data quality grade?
- RadicalNotion.AI grades jenkins's CVE data quality as F, with an overall completeness score of 56.4%. This reflects how consistently its CVE records include vendor (99.9%), product (99.9%), CVSS (0%), and CWE (25.8%) information.
- What products does jenkins publish CVEs for?
- jenkins most frequently publishes CVEs for Jenkins, script-security-plugin, script_security, Jenkins Script Security Plugin, openshift container platform.
- Which vendors does jenkins cover?
- jenkins publishes CVEs across 3 distinct vendors, most often Jenkins, Red Hat, oracle, jfrog, microsoft.
- Is jenkins actively publishing CVEs?
- jenkins is currently active, based on 137 CVEs in the last two years.
- How many critical CVEs has jenkins published?
- jenkins has published 69 critical-severity CVEs and 398 high-severity CVEs.
- Are any of jenkins's CVEs in CISA's Known Exploited Vulnerabilities catalog?
- Yes. 3 of jenkins's CVEs are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, meaning they are confirmed to be exploited in the wild.
- What are the most common weakness types in jenkins's CVEs?
- jenkins's CVEs most often map to these CWE weakness types: CWE-862 (Missing Authorization), CWE-352 (Cross-Site Request Forgery (CSRF)), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-611 (Improper Restriction of XML External Entity Reference).
- How does jenkins rank among CNAs?
- By total CVE volume, jenkins ranks #32 of 370 CNAs, and it reports more complete CVE records than 12% of all CNAs.