1. Home
  2. Packages
  3. maven
  4. org.jenkins-ci.main
  5. jenkins-core

pkg:maven/org.jenkins-ci.main/jenkins-core

Type maven
Namespace org.jenkins-ci.main
Name jenkins-core

Known advisories, vulnerabilities and fixes for org.jenkins-ci.main/jenkins-core package.

Repository
https://mvnrepository.com/artifact/org.jenkins-ci.main/jenkins-core
Critical 19
High 48
Moderate 115
Low 9
Type Version Distribution # CVEs # Advisory ID Title Severity Published
Affected >= 2.122, < 2.138 < 2.121.3 CVE-2018-1999043
maven MAVEN:GHSA-2632-H32J-6RG9 Missing Release of Resource after Effective Lifetime in Jenkins high 2022-05-13T01:50:55
(2 years ago)
Fixed = 2.138 = 2.121.3 CVE-2018-1999043
maven MAVEN:GHSA-2632-H32J-6RG9 Missing Release of Resource after Effective Lifetime in Jenkins high 2022-05-13T01:50:55
(2 years ago)
Affected <= 2.46.1 >= 2.50, <= 2.56 CVE-2017-1000353
maven MAVEN:GHSA-26WC-3WQP-G3RP Deserialization of Untrusted Data in Jenkins critical 2022-05-13T01:01:03
(2 years ago)
Fixed = 2.46.2 = 2.57 CVE-2017-1000353
maven MAVEN:GHSA-26WC-3WQP-G3RP Deserialization of Untrusted Data in Jenkins critical 2022-05-13T01:01:03
(2 years ago)
Affected >= 2.415, < 2.424 >= 2.50, < 2.414.2 CVE-2023-43494
maven MAVEN:GHSA-279F-QWGH-H5MP Jenkins does not exclude sensitive build variables from search moderate 2023-09-20T18:30:21
(12 months ago)
Fixed = 2.424 = 2.414.2 CVE-2023-43494
maven MAVEN:GHSA-279F-QWGH-H5MP Jenkins does not exclude sensitive build variables from search moderate 2023-09-20T18:30:21
(12 months ago)
Affected >= 2.122, < 2.138 < 2.121.3 CVE-2018-1999042
maven MAVEN:GHSA-28P3-MCHR-9FRJ Deserialization of Untrusted Data in Jenkins moderate 2022-05-14T01:04:56
(2 years ago)
Fixed = 2.138 = 2.121.3 CVE-2018-1999042
maven MAVEN:GHSA-28P3-MCHR-9FRJ Deserialization of Untrusted Data in Jenkins moderate 2022-05-14T01:04:56
(2 years ago)
Affected <= 2.303.2 >= 2.304, <= 2.318 CVE-2021-21691
maven MAVEN:GHSA-2C79-H2H5-G3FW Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:44
(2 years ago)
Fixed = 2.303.3 = 2.319 CVE-2021-21691
maven MAVEN:GHSA-2C79-H2H5-G3FW Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:44
(2 years ago)
Affected >= 2.122, < 2.132 < 2.121.2 CVE-2018-1999006
maven MAVEN:GHSA-2PP9-R4RV-6P6J Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-14T01:05:26
(2 years ago)
Fixed = 2.132 = 2.121.2 CVE-2018-1999006
maven MAVEN:GHSA-2PP9-R4RV-6P6J Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-14T01:05:26
(2 years ago)
Affected >= 2.108, <= 2.120 <= 2.107.2 CVE-2018-1000192
maven MAVEN:GHSA-2W4X-RXP7-GRG7 Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-13T01:01:02
(2 years ago)
Fixed = 2.121 = 2.107.3 CVE-2018-1000192
maven MAVEN:GHSA-2W4X-RXP7-GRG7 Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-13T01:01:02
(2 years ago)
Affected <= 2.19.2 >= 2.20, <= 2.31 CVE-2016-9299
maven MAVEN:GHSA-2X9H-H3C4-WQQH Improper Neutralization of Special Elements used in an LDAP Query in Jenkins critical 2022-05-14T01:00:43
(2 years ago)
Fixed = 2.19.3 = 2.32 CVE-2016-9299
maven MAVEN:GHSA-2X9H-H3C4-WQQH Improper Neutralization of Special Elements used in an LDAP Query in Jenkins critical 2022-05-14T01:00:43
(2 years ago)
Affected > 2.204.6, <= 2.227 <= 2.204.5 CVE-2020-2163
maven MAVEN:GHSA-2XCM-H7VV-G8M9 Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-24T17:12:40
(2 years ago)
Fixed = 2.228 = 2.204.6 CVE-2020-2163
maven MAVEN:GHSA-2XCM-H7VV-G8M9 Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-24T17:12:40
(2 years ago)
Affected < 2.44 CVE-2017-2611
maven MAVEN:GHSA-3297-944X-J7X7 Incorrect Authorization in Jenkins Core moderate 2022-05-13T01:16:28
(2 years ago)
Fixed = 2.44 CVE-2017-2611
maven MAVEN:GHSA-3297-944X-J7X7 Incorrect Authorization in Jenkins Core moderate 2022-05-13T01:16:28
(2 years ago)
Affected < 2.319.3 >= 2.320, < 2.334 CVE-2022-0538
maven MAVEN:GHSA-34WX-X2W9-VQM3 DoS vulnerability in bundled XStream library in Jenkins Core moderate 2022-02-10T00:00:30
(2 years ago)
Fixed = 2.319.3 = 2.334 CVE-2022-0538
maven MAVEN:GHSA-34WX-X2W9-VQM3 DoS vulnerability in bundled XStream library in Jenkins Core moderate 2022-02-10T00:00:30
(2 years ago)
Affected < 2.3 CVE-2016-3722
maven MAVEN:GHSA-3857-XM38-JMQ2 Incorrect Authorization in Jenkins Core moderate 2022-05-14T03:57:44
(2 years ago)
Fixed = 2.3 CVE-2016-3722
maven MAVEN:GHSA-3857-XM38-JMQ2 Incorrect Authorization in Jenkins Core moderate 2022-05-14T03:57:44
(2 years ago)
Affected < 1.565.3 >= 1.566, < 1.583 CVE-2014-3664
maven MAVEN:GHSA-3GP5-92H5-H855 Jenkins Path Traversal vulnerability moderate 2022-05-17T01:24:36
(2 years ago)
Fixed = 1.565.3 = 1.583 CVE-2014-3664
maven MAVEN:GHSA-3GP5-92H5-H855 Jenkins Path Traversal vulnerability moderate 2022-05-17T01:24:36
(2 years ago)
Affected >= 2.140, <= 2.145 <= 2.138.1 CVE-2018-1000406
maven MAVEN:GHSA-3PR8-RF62-G893 Path Traversal in Jenkins moderate 2022-05-14T01:04:36
(2 years ago)
Fixed = 2.146 = 2.138.2 CVE-2018-1000406
maven MAVEN:GHSA-3PR8-RF62-G893 Path Traversal in Jenkins moderate 2022-05-14T01:04:36
(2 years ago)
Affected <= 2.303.2 >= 2.304, <= 2.318 CVE-2021-21687
maven MAVEN:GHSA-3Q84-VRVX-RFVF Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:44
(2 years ago)
Fixed = 2.303.3 = 2.319 CVE-2021-21687
maven MAVEN:GHSA-3Q84-VRVX-RFVF Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:44
(2 years ago)
Affected >= 2.34, <= 2.43 <= 2.32.1 CVE-2017-2607
maven MAVEN:GHSA-42M6-7XFF-9V9M Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-13T01:36:54
(2 years ago)
Fixed = 2.44 = 2.32.2 CVE-2017-2607
maven MAVEN:GHSA-42M6-7XFF-9V9M Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-13T01:36:54
(2 years ago)
Affected <= 2.46.1 >= 2.50, <= 2.56 CVE-2017-1000355
maven MAVEN:GHSA-4466-8JM4-448P Deserialization of Untrusted Data in Jenkins moderate 2022-05-14T03:44:36
(2 years ago)
Fixed = 2.46.2 = 2.57 CVE-2017-1000355
maven MAVEN:GHSA-4466-8JM4-448P Deserialization of Untrusted Data in Jenkins moderate 2022-05-14T03:44:36
(2 years ago)
Affected >= 2.264, <= 2.274 <= 2.263.1 CVE-2021-21609
maven MAVEN:GHSA-4625-Q52W-39CX Missing permission check for paths with specific prefix in Jenkins moderate 2022-05-24T17:39:12
(2 years ago)
Fixed = 2.275 = 2.263.2 CVE-2021-21609
maven MAVEN:GHSA-4625-Q52W-39CX Missing permission check for paths with specific prefix in Jenkins moderate 2022-05-24T17:39:12
(2 years ago)
Affected >= 2.177, <= 2.196 <= 2.176.3 CVE-2019-10405
maven MAVEN:GHSA-47WC-P5CP-W7PW Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-24T22:00:43
(2 years ago)
Fixed = 2.197 = 2.176.4 CVE-2019-10405
maven MAVEN:GHSA-47WC-P5CP-W7PW Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-24T22:00:43
(2 years ago)
Affected >= 2.304, <= 2.318 < 2.303.2 CVE-2021-21686
maven MAVEN:GHSA-4G38-HRM4-RG94 Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:45
(2 years ago)
Fixed = 2.319 = 2.303.3 CVE-2021-21686
maven MAVEN:GHSA-4G38-HRM4-RG94 Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:45
(2 years ago)
Affected >= 2.140, <= 2.145 <= 2.138.1 CVE-2018-1000408
maven MAVEN:GHSA-4H47-H3CR-23WH Improper Authorization in Jenkins moderate 2022-05-13T01:48:36
(2 years ago)
Fixed = 2.146 = 2.138.2 CVE-2018-1000408
maven MAVEN:GHSA-4H47-H3CR-23WH Improper Authorization in Jenkins moderate 2022-05-13T01:48:36
(2 years ago)
Affected >= 2.140, <= 2.153 <= 2.138.3 CVE-2018-1000863
maven MAVEN:GHSA-4JHM-5F7G-75FP Improper Limitation of a Pathname to a Restricted Directory in Jenkins high 2022-05-13T01:48:39
(2 years ago)
Fixed = 2.154 = 2.138.4 CVE-2018-1000863
maven MAVEN:GHSA-4JHM-5F7G-75FP Improper Limitation of a Pathname to a Restricted Directory in Jenkins high 2022-05-13T01:48:39
(2 years ago)
Affected < 2.204.2 >= 2.205, < 2.219 CVE-2020-2103
maven MAVEN:GHSA-4JJJ-CM7Q-V6HR Jenkins Diagnostic page exposed session cookies moderate 2022-05-24T17:07:40
(2 years ago)
Fixed = 2.204.2 = 2.219 CVE-2020-2103
maven MAVEN:GHSA-4JJJ-CM7Q-V6HR Jenkins Diagnostic page exposed session cookies moderate 2022-05-24T17:07:40
(2 years ago)
Affected >= 2.304, <= 2.314 <= 2.303.1 CVE-2021-21683
maven MAVEN:GHSA-4PW5-R58H-FV24 Path traversal vulnerability on Windows in Jenkins moderate 2022-05-24T19:16:59
(2 years ago)
Fixed = 2.315 = 2.303.2 CVE-2021-21683
maven MAVEN:GHSA-4PW5-R58H-FV24 Path traversal vulnerability on Windows in Jenkins moderate 2022-05-24T19:16:59
(2 years ago)
Affected <= 2.289.1 >= 2.292, <= 2.299 CVE-2021-21671
maven MAVEN:GHSA-4WR9-2XC6-JMG5 Session fixation vulnerability in Jenkins high 2022-05-24T19:06:36
(2 years ago)
Fixed = 2.289.2 = 2.300 CVE-2021-21671
maven MAVEN:GHSA-4WR9-2XC6-JMG5 Session fixation vulnerability in Jenkins high 2022-05-24T19:06:36
(2 years ago)
Affected >= 2.140, <= 2.145 <= 2.138.1 CVE-2018-1000410
maven MAVEN:GHSA-53JP-GMWC-JWF6 Exposure of Sensitive Information to an Unauthorized Actor in Jenkins high 2022-05-14T01:04:36
(2 years ago)
Fixed = 2.146 = 2.138.2 CVE-2018-1000410
maven MAVEN:GHSA-53JP-GMWC-JWF6 Exposure of Sensitive Information to an Unauthorized Actor in Jenkins high 2022-05-14T01:04:36
(2 years ago)
Affected >= 2.222.1, < 2.427 CVE-2024-23898
maven MAVEN:GHSA-53PH-2R2X-VQW8 Cross-site WebSocket hijacking vulnerability in the Jenkins CLI high 2024-01-24T18:31:02
(7 months ago)
Fixed = 2.427 CVE-2024-23898
maven MAVEN:GHSA-53PH-2R2X-VQW8 Cross-site WebSocket hijacking vulnerability in the Jenkins CLI high 2024-01-24T18:31:02
(7 months ago)
Affected >= 2.415, < 2.424 >= 2.50, < 2.414.2 CVE-2023-43496
maven MAVEN:GHSA-55WP-3PQ4-W8P9 Jenkins temporary plugin file created with insecure permissions high 2023-09-20T18:30:21
(12 months ago)
Fixed = 2.424 = 2.414.2 CVE-2023-43496
maven MAVEN:GHSA-55WP-3PQ4-W8P9 Jenkins temporary plugin file created with insecure permissions high 2023-09-20T18:30:21
(12 months ago)
Affected >= 2.388, < 2.394 >= 2.376, < 2.387.1 < 2.375.4 CVE-2023-27903
maven MAVEN:GHSA-584M-7R4M-8J6V Incorrect Authorization in Jenkins Core low 2023-03-10T21:30:19
(18 months ago)
Fixed = 2.394 = 2.387.1 = 2.375.4 CVE-2023-27903
maven MAVEN:GHSA-584M-7R4M-8J6V Incorrect Authorization in Jenkins Core low 2023-03-10T21:30:19
(18 months ago)
Affected >= 2.304, <= 2.318 < 2.303.2 CVE-2021-21685
maven MAVEN:GHSA-58XM-MXJF-254G Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:44
(2 years ago)
Fixed = 2.319 = 2.303.3 CVE-2021-21685
maven MAVEN:GHSA-58XM-MXJF-254G Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:44
(2 years ago)
Affected < 2.3 CVE-2016-3725
maven MAVEN:GHSA-59FM-6X3Q-Q3Q5 Missing permissions check in Jenkins Core moderate 2022-05-14T03:57:44
(2 years ago)
Fixed = 2.3 CVE-2016-3725
maven MAVEN:GHSA-59FM-6X3Q-Q3Q5 Missing permissions check in Jenkins Core moderate 2022-05-14T03:57:44
(2 years ago)
Affected >= 2.140, <= 2.145 <= 2.138.1 CVE-2018-1000997
maven MAVEN:GHSA-5HFP-964W-5VGM Improper Limitation of a Pathname to a Restricted Directory in Jenkins moderate 2022-05-14T01:04:35
(2 years ago)
Fixed = 2.146 = 2.138.2 CVE-2018-1000997
maven MAVEN:GHSA-5HFP-964W-5VGM Improper Limitation of a Pathname to a Restricted Directory in Jenkins moderate 2022-05-14T01:04:35
(2 years ago)
Affected >= 2.415, < 2.424 >= 2.50, < 2.414.2 CVE-2023-43495
maven MAVEN:GHSA-5J46-5HWQ-GWH7 Jenkins Cross-site Scripting vulnerability high 2023-09-20T18:30:21
(12 months ago)
Fixed = 2.424 = 2.414.2 CVE-2023-43495
maven MAVEN:GHSA-5J46-5HWQ-GWH7 Jenkins Cross-site Scripting vulnerability high 2023-09-20T18:30:21
(12 months ago)
Affected >= 2.90, < 2.107 < 2.89.4 CVE-2018-6356
maven MAVEN:GHSA-5P59-V5WM-77V4 Improper Limitation of a Pathname to a Restricted Directory in Jenkins moderate 2022-05-13T01:01:01
(2 years ago)
Fixed = 2.107 = 2.89.4 CVE-2018-6356
maven MAVEN:GHSA-5P59-V5WM-77V4 Improper Limitation of a Pathname to a Restricted Directory in Jenkins moderate 2022-05-13T01:01:01
(2 years ago)
Affected >= 2.74, <= 2.88 <= 2.73.2 CVE-2017-1000392
maven MAVEN:GHSA-5PPX-RGW2-XG23 Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-14T01:04:30
(2 years ago)
Fixed = 2.89 = 2.73.3 CVE-2017-1000392
maven MAVEN:GHSA-5PPX-RGW2-XG23 Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-14T01:04:30
(2 years ago)
Affected >= 2.346, < 2.346.1 >= 2.320, < 2.332.4 >= 2.350, < 2.356 CVE-2022-34170
maven MAVEN:GHSA-62WF-24C4-8R76 Cross-site Scripting vulnerability in Jenkins high 2022-06-24T00:00:31
(2 years ago)
Fixed = 2.346.1 = 2.332.4 = 2.356 CVE-2022-34170
maven MAVEN:GHSA-62WF-24C4-8R76 Cross-site Scripting vulnerability in Jenkins high 2022-06-24T00:00:31
(2 years ago)
Affected >= 2.122, < 2.132 < 2.121.2 CVE-2018-1999007
maven MAVEN:GHSA-6456-XJM5-G3PG Cross-site scripting vulnerability exists in Jenkins and Stapler Plugin moderate 2022-05-13T01:01:02
(2 years ago)
Fixed = 2.132 = 2.121.2 CVE-2018-1999007
maven MAVEN:GHSA-6456-XJM5-G3PG Cross-site scripting vulnerability exists in Jenkins and Stapler Plugin moderate 2022-05-13T01:01:02
(2 years ago)
Affected < 1.565.3 >= 1.566, < 1.583 CVE-2014-3663
maven MAVEN:GHSA-64MC-2M9P-23C8 Jenkins allows remote authenticated users to bypass intended restrictions and create or destroy arbitrary jobs moderate 2022-05-17T03:53:35
(2 years ago)
Fixed = 1.565.3 = 1.583 CVE-2014-3663
maven MAVEN:GHSA-64MC-2M9P-23C8 Jenkins allows remote authenticated users to bypass intended restrictions and create or destroy arbitrary jobs moderate 2022-05-17T03:53:35
(2 years ago)
Affected >= 2.122, < 2.138 < 2.121.3 CVE-2018-1999046
maven MAVEN:GHSA-667Q-VJ58-RJ88 Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-14T01:04:56
(2 years ago)
Fixed = 2.138 = 2.121.3 CVE-2018-1999046
maven MAVEN:GHSA-667Q-VJ58-RJ88 Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-14T01:04:56
(2 years ago)
Affected < 1.587 CVE-2014-3665
maven MAVEN:GHSA-66CR-6WHX-732P Jenkins improperly ensures trust separation moderate 2022-05-17T03:53:35
(2 years ago)
Fixed = 1.587 CVE-2014-3665
maven MAVEN:GHSA-66CR-6WHX-732P Jenkins improperly ensures trust separation moderate 2022-05-17T03:53:35
(2 years ago)
Affected >= 2.34, <= 2.43 <= 2.32.1 CVE-2017-2606
maven MAVEN:GHSA-6967-9VVV-4CMM Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-13T01:36:54
(2 years ago)
Fixed = 2.44 = 2.32.2 CVE-2017-2606
maven MAVEN:GHSA-6967-9VVV-4CMM Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-13T01:36:54
(2 years ago)
Affected >= 2.402, < 2.414.1 = 2.415 < 2.401.3 CVE-2023-39151
maven MAVEN:GHSA-69VW-3PCM-84RW Jenkins Stored Cross-site Scripting vulnerability high 2023-07-26T15:30:57
(13 months ago)
Fixed = 2.414.1 = 2.416 = 2.401.3 CVE-2023-39151
maven MAVEN:GHSA-69VW-3PCM-84RW Jenkins Stored Cross-site Scripting vulnerability high 2023-07-26T15:30:57
(13 months ago)
Affected >= 2.222.1, < 2.427 CVE-2024-23897
maven MAVEN:GHSA-6F9G-CXWR-Q5JR Arbitrary file read vulnerability through the Jenkins CLI can lead to RCE critical 2024-01-24T18:31:02
(7 months ago)
Fixed = 2.427 CVE-2024-23897
maven MAVEN:GHSA-6F9G-CXWR-Q5JR Arbitrary file read vulnerability through the Jenkins CLI can lead to RCE critical 2024-01-24T18:31:02
(7 months ago)
Affected >= 2.340, < 2.356 CVE-2022-34173
maven MAVEN:GHSA-6G4R-Q7QG-6QX6 Cross-site Scripting vulnerability in Jenkins high 2022-06-24T00:00:31
(2 years ago)
Fixed = 2.356 CVE-2022-34173
maven MAVEN:GHSA-6G4R-Q7QG-6QX6 Cross-site Scripting vulnerability in Jenkins high 2022-06-24T00:00:31
(2 years ago)
Affected >= 2.177, <= 2.185 <= 2.176.1 CVE-2019-10354
maven MAVEN:GHSA-6JFC-MC97-C7WG Missing Authorization in Jenkins moderate 2022-05-24T16:50:30
(2 years ago)
Fixed = 2.186 = 2.176.2 CVE-2019-10354
maven MAVEN:GHSA-6JFC-MC97-C7WG Missing Authorization in Jenkins moderate 2022-05-24T16:50:30
(2 years ago)
Affected >= 2.90, <= 2.106 <= 2.89.3 CVE-2018-1000067
maven MAVEN:GHSA-6MV9-HCX5-7MHH Server-Side Request Forgery in Jenkins moderate 2022-05-13T01:01:03
(2 years ago)
Fixed = 2.107 = 2.89.4 CVE-2018-1000067
maven MAVEN:GHSA-6MV9-HCX5-7MHH Server-Side Request Forgery in Jenkins moderate 2022-05-13T01:01:03
(2 years ago)
Affected <= 2.303.1 >= 2.304, <= 2.314 CVE-2021-21682
maven MAVEN:GHSA-6Q4G-84F3-MW74 Improper handling of equivalent directory names on Windows in Jenkins moderate 2022-05-24T19:16:59
(2 years ago)
Fixed = 2.303.2 = 2.315 CVE-2021-21682
maven MAVEN:GHSA-6Q4G-84F3-MW74 Improper handling of equivalent directory names on Windows in Jenkins moderate 2022-05-24T19:16:59
(2 years ago)
Affected < 2.159 CVE-2019-1003003
maven MAVEN:GHSA-6RH5-23HX-J452 Improper Authorization in Jenkins Core high 2022-05-13T01:05:22
(2 years ago)
Fixed = 2.159 CVE-2019-1003003
maven MAVEN:GHSA-6RH5-23HX-J452 Improper Authorization in Jenkins Core high 2022-05-13T01:05:22
(2 years ago)
Affected >= 2.165, <= 2.171 <= 2.164.1 CVE-2019-1003049
maven MAVEN:GHSA-742J-JCFR-23W3 Insufficient Session Expiration in Jenkins high 2022-05-13T01:01:01
(2 years ago)
Fixed = 2.172 = 2.164.2 CVE-2019-1003049
maven MAVEN:GHSA-742J-JCFR-23W3 Insufficient Session Expiration in Jenkins high 2022-05-13T01:01:01
(2 years ago)
Affected >= 2.108, <= 2.120 <= 2.107.2 CVE-2018-1000193
maven MAVEN:GHSA-7592-93RM-6GPX Injection in Jenkins moderate 2022-05-13T01:01:02
(2 years ago)
Fixed = 2.121 = 2.107.3 CVE-2018-1000193
maven MAVEN:GHSA-7592-93RM-6GPX Injection in Jenkins moderate 2022-05-13T01:01:02
(2 years ago)
Affected < 1.480.3 >= 1.481, < 1.502 CVE-2013-0329
maven MAVEN:GHSA-78CJ-2M29-Q5R9 Jenkins Cross-Site Request Forgery vulnerability moderate 2022-05-05T02:48:48
(2 years ago)
Fixed = 1.480.3 = 1.502 CVE-2013-0329
maven MAVEN:GHSA-78CJ-2M29-Q5R9 Jenkins Cross-Site Request Forgery vulnerability moderate 2022-05-05T02:48:48
(2 years ago)
Affected >= 2.177, <= 2.196 <= 2.176.3 CVE-2019-10403
maven MAVEN:GHSA-7CJC-XPPR-XJ6X Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-24T22:00:43
(2 years ago)
Fixed = 2.197 = 2.176.4 CVE-2019-10403
maven MAVEN:GHSA-7CJC-XPPR-XJ6X Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-24T22:00:43
(2 years ago)
Affected < 1.586 CVE-2014-9635
maven MAVEN:GHSA-7F6W-FHMR-J8HQ Jenkins HttpOnly flag not Set for session cookies moderate 2022-05-17T00:50:19
(2 years ago)
Fixed = 1.586 CVE-2014-9635
maven MAVEN:GHSA-7F6W-FHMR-J8HQ Jenkins HttpOnly flag not Set for session cookies moderate 2022-05-17T00:50:19
(2 years ago)
Affected < 2.332.4 >= 2.346, < 2.346.1 >= 2.350, < 2.356 CVE-2022-34171
maven MAVEN:GHSA-7F84-P6R5-JR6Q Cross-site Scripting vulnerability in Jenkins high 2022-06-24T00:00:31
(2 years ago)
Fixed = 2.332.4 = 2.346.1 = 2.356 CVE-2022-34171
maven MAVEN:GHSA-7F84-P6R5-JR6Q Cross-site Scripting vulnerability in Jenkins high 2022-06-24T00:00:31
(2 years ago)
Affected < 1.532.2 >= 1.533, < 1.551 CVE-2014-2058
maven MAVEN:GHSA-7FPG-PP3M-H22F Jenkins allows attackers to execute arbitrary jobs moderate 2022-05-17T03:53:55
(2 years ago)
Fixed = 1.532.2 = 1.551 CVE-2014-2058
maven MAVEN:GHSA-7FPG-PP3M-H22F Jenkins allows attackers to execute arbitrary jobs moderate 2022-05-17T03:53:55
(2 years ago)
Affected >= 2.264, <= 2.274 <= 2.263.1 CVE-2021-21610
maven MAVEN:GHSA-7QF3-C2Q8-69M3 Reflected XSS vulnerability in Jenkins markup formatter preview moderate 2022-05-24T17:39:13
(2 years ago)
Fixed = 2.275 = 2.263.2 CVE-2021-21610
maven MAVEN:GHSA-7QF3-C2Q8-69M3 Reflected XSS vulnerability in Jenkins markup formatter preview moderate 2022-05-24T17:39:13
(2 years ago)
Affected >= 2.34, <= 2.43 <= 2.32.1 CVE-2017-2599
maven MAVEN:GHSA-7R4H-2H23-6JQ9 Incorrect Authorization in Jenkins moderate 2022-05-13T01:12:25
(2 years ago)
Fixed = 2.44 = 2.32.2 CVE-2017-2599
maven MAVEN:GHSA-7R4H-2H23-6JQ9 Incorrect Authorization in Jenkins moderate 2022-05-13T01:12:25
(2 years ago)
Affected >= 2.205, <= 2.218 <= 2.204.1 CVE-2020-2105
maven MAVEN:GHSA-7XP8-7WQX-5HQX Jenkins REST APIs vulnerable to clickjacking low 2022-05-24T17:07:41
(2 years ago)
Fixed = 2.219 = 2.204.2 CVE-2020-2105
maven MAVEN:GHSA-7XP8-7WQX-5HQX Jenkins REST APIs vulnerable to clickjacking low 2022-05-24T17:07:41
(2 years ago)
Affected >= 1.513, < 1.514 < 1.509.1 CVE-2013-2033
maven MAVEN:GHSA-826F-32QM-VM3J Jenkins vulnerable to Cross-site Scripting moderate 2022-05-14T01:52:20
(2 years ago)
Fixed = 1.514 = 1.509.1 CVE-2013-2033
maven MAVEN:GHSA-826F-32QM-VM3J Jenkins vulnerable to Cross-site Scripting moderate 2022-05-14T01:52:20
(2 years ago)
Affected < 2.3 CVE-2016-3723
maven MAVEN:GHSA-8572-5JRG-MX52 Exposure of Sensitive Information in Jenkins Core moderate 2022-05-14T03:57:45
(2 years ago)
Fixed = 2.3 CVE-2016-3723
maven MAVEN:GHSA-8572-5JRG-MX52 Exposure of Sensitive Information in Jenkins Core moderate 2022-05-14T03:57:45
(2 years ago)
Affected <= 2.46.1 >= 2.50, <= 2.56 CVE-2017-1000356
maven MAVEN:GHSA-85WQ-PQHP-HMQ6 Cross-Site Request Forgery in Jenkins high 2022-05-14T03:44:36
(2 years ago)
Fixed = 2.46.2 = 2.57 CVE-2017-1000356
maven MAVEN:GHSA-85WQ-PQHP-HMQ6 Cross-Site Request Forgery in Jenkins high 2022-05-14T03:44:36
(2 years ago)
Affected >= 2.236, <= 2.244 <= 2.235.1 CVE-2020-2222
maven MAVEN:GHSA-864V-5Q2G-FR64 Stored XSS vulnerability in Jenkins 'keep forever' badge icon high 2022-05-24T17:23:39
(2 years ago)
Fixed = 2.245 = 2.235.2 CVE-2020-2222
maven MAVEN:GHSA-864V-5Q2G-FR64 Stored XSS vulnerability in Jenkins 'keep forever' badge icon high 2022-05-24T17:23:39
(2 years ago)
Affected < 1.532.2 >= 1.533, < 1.551 CVE-2014-2066
maven MAVEN:GHSA-8JFX-H6Q2-V4G3 Jenkins session fixation vulnerability moderate 2022-05-17T03:53:42
(2 years ago)
Fixed = 1.532.2 = 1.551 CVE-2014-2066
maven MAVEN:GHSA-8JFX-H6Q2-V4G3 Jenkins session fixation vulnerability moderate 2022-05-17T03:53:42
(2 years ago)
Affected >= 2.470, < 2.471 >= 2.460, < 2.462.1 < 2.452.4 CVE-2024-43045
maven MAVEN:GHSA-8PV9-QH96-9HC6 Jenkins does not perform a permission check in an HTTP endpoint moderate 2024-08-07T15:30:42
(5 weeks ago)
Fixed = 2.471 = 2.462.1 = 2.452.4 CVE-2024-43045
maven MAVEN:GHSA-8PV9-QH96-9HC6 Jenkins does not perform a permission check in an HTTP endpoint moderate 2024-08-07T15:30:42
(5 weeks ago)
Affected < 2.138 CVE-2018-1999044
maven MAVEN:GHSA-8QPF-FV36-H4R8 Infinite Loop in Jenkins Core moderate 2022-05-13T01:50:55
(2 years ago)
Fixed = 2.138 CVE-2018-1999044
maven MAVEN:GHSA-8QPF-FV36-H4R8 Infinite Loop in Jenkins Core moderate 2022-05-13T01:50:55
(2 years ago)
Affected < 2.159 CVE-2019-1003004
maven MAVEN:GHSA-8QXP-G8JV-P37X Improper Authorization in Jenkins Core high 2022-05-13T01:05:22
(2 years ago)
Fixed = 2.159 CVE-2019-1003004
maven MAVEN:GHSA-8QXP-G8JV-P37X Improper Authorization in Jenkins Core high 2022-05-13T01:05:22
(2 years ago)
Affected < 1.565.3 >= 1.566, < 1.583 CVE-2014-3680
maven MAVEN:GHSA-8X8P-MFWV-9FJW Jenkins Exposure of Sensitive Information to an Unauthorized Actor vulnerability moderate 2022-05-17T03:53:31
(2 years ago)
Fixed = 1.565.3 = 1.583 CVE-2014-3680
maven MAVEN:GHSA-8X8P-MFWV-9FJW Jenkins Exposure of Sensitive Information to an Unauthorized Actor vulnerability moderate 2022-05-17T03:53:31
(2 years ago)
Affected <= 2.303.2 >= 2.304, <= 2.318 CVE-2021-21692
maven MAVEN:GHSA-8XG4-XQ2V-V6J7 Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:44
(2 years ago)
Fixed = 2.303.3 = 2.319 CVE-2021-21692
maven MAVEN:GHSA-8XG4-XQ2V-V6J7 Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:44
(2 years ago)
Affected < 2.303.3 >= 2.304, <= 2.318 CVE-2021-21693
maven MAVEN:GHSA-929W-Q433-4H9X Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:44
(2 years ago)
Fixed = 2.303.3 = 2.319 CVE-2021-21693
maven MAVEN:GHSA-929W-Q433-4H9X Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:44
(2 years ago)
Affected >= 2.40, <= 2.43 >= 1.498, <= 2.32.1 CVE-2017-1000362
maven MAVEN:GHSA-92MR-4W2Q-4578 Exposure of Sensitive Information to an Unauthorized Actor in Jenkins critical 2022-05-17T02:25:41
(2 years ago)
Fixed = 2.44 = 2.32.2 CVE-2017-1000362
maven MAVEN:GHSA-92MR-4W2Q-4578 Exposure of Sensitive Information to an Unauthorized Actor in Jenkins critical 2022-05-17T02:25:41
(2 years ago)
Affected <= 2.303.2 >= 2.304, <= 2.318 CVE-2021-21690
maven MAVEN:GHSA-97C3-W9CR-6QC2 Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:44
(2 years ago)
Fixed = 2.303.3 = 2.319 CVE-2021-21690
maven MAVEN:GHSA-97C3-W9CR-6QC2 Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:44
(2 years ago)
Affected < 2.400 CVE-2023-35141
maven MAVEN:GHSA-98FP-R22G-WPJ7 Jenkins CSRF protection bypass vulnerability high 2023-06-14T15:30:37
(15 months ago)
Fixed = 2.400 CVE-2023-35141
maven MAVEN:GHSA-98FP-R22G-WPJ7 Jenkins CSRF protection bypass vulnerability high 2023-06-14T15:30:37
(15 months ago)
Affected >= 2.263.2, <= 2.274 < 2.263.1 CVE-2021-21603
maven MAVEN:GHSA-98GQ-6HXG-52R6 XSS vulnerability in Jenkins notification bar moderate 2022-05-24T17:39:12
(2 years ago)
Fixed = 2.275 CVE-2021-21603
maven MAVEN:GHSA-98GQ-6HXG-52R6 XSS vulnerability in Jenkins notification bar moderate 2022-05-24T17:39:12
(2 years ago)
Affected >= 2.90, <= 2.94 >= 2.81, <= 2.89.1 CVE-2017-1000504
maven MAVEN:GHSA-99HJ-PPG3-2XWC Cross-Site Request Forgery in Jenkins high 2022-05-14T01:04:36
(2 years ago)
Fixed = 2.95 = 2.89.2 CVE-2017-1000504
maven MAVEN:GHSA-99HJ-PPG3-2XWC Cross-Site Request Forgery in Jenkins high 2022-05-14T01:04:36
(2 years ago)
Affected >= 2.140, <= 2.153 <= 2.138.3 CVE-2018-1000864
maven MAVEN:GHSA-9CJV-93G7-C6MV Loop with Unreachable Exit Condition in Jenkins moderate 2022-05-13T01:48:40
(2 years ago)
Fixed = 2.154 = 2.138.4 CVE-2018-1000864
maven MAVEN:GHSA-9CJV-93G7-C6MV Loop with Unreachable Exit Condition in Jenkins moderate 2022-05-13T01:48:40
(2 years ago)
Affected >= 2.236, <= 2.251 <= 2.235.3 CVE-2020-2230
maven MAVEN:GHSA-9G4M-FFX6-C29G Jenkins Cross-site Scripting vulnerability in project naming strategy high 2022-05-24T17:25:24
(2 years ago)
Fixed = 2.252 = 2.235.4 CVE-2020-2230
maven MAVEN:GHSA-9G4M-FFX6-C29G Jenkins Cross-site Scripting vulnerability in project naming strategy high 2022-05-24T17:25:24
(2 years ago)
Affected < 2.332.4 >= 2.334, < 2.356 CVE-2022-34174
maven MAVEN:GHSA-9GRJ-J43M-MJQR Observable timing discrepancy allows determining username validity in Jenkins moderate 2022-06-24T00:00:31
(2 years ago)
Fixed = 2.332.4 = 2.356 CVE-2022-34174
maven MAVEN:GHSA-9GRJ-J43M-MJQR Observable timing discrepancy allows determining username validity in Jenkins moderate 2022-06-24T00:00:31
(2 years ago)
Affected <= 2.107.1 >= 2.108, <= 2.115 CVE-2018-1000170
maven MAVEN:GHSA-9JCV-V4JP-W3CQ Cross-site Scripting in Jenkins Core moderate 2022-05-14T01:04:36
(2 years ago)
Fixed = 2.107.2 = 2.116 CVE-2018-1000170
maven MAVEN:GHSA-9JCV-V4JP-W3CQ Cross-site Scripting in Jenkins Core moderate 2022-05-14T01:04:36
(2 years ago)
Affected >= 2.177, <= 2.191 <= 2.176.2 CVE-2019-10383
maven MAVEN:GHSA-9M48-54PJ-H248 Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-24T16:55:01
(2 years ago)
Fixed = 2.192 = 2.176.3 CVE-2019-10383
maven MAVEN:GHSA-9M48-54PJ-H248 Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-24T16:55:01
(2 years ago)
Affected >= 2.177, <= 2.196 <= 2.176.3 CVE-2019-10404
maven MAVEN:GHSA-9QGF-4FPF-CMH2 Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-24T22:00:43
(2 years ago)
Fixed = 2.197 = 2.176.4 CVE-2019-10404
maven MAVEN:GHSA-9QGF-4FPF-CMH2 Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-24T22:00:43
(2 years ago)
Affected < 1.532.2 >= 1.533, < 1.551 CVE-2014-2064
maven MAVEN:GHSA-9VG9-X38G-9HFX Jenkins allows attackers to determine whether a user exists moderate 2022-05-17T03:53:52
(2 years ago)
Fixed = 1.532.2 = 1.551 CVE-2014-2064
maven MAVEN:GHSA-9VG9-X38G-9HFX Jenkins allows attackers to determine whether a user exists moderate 2022-05-17T03:53:52
(2 years ago)
Affected <= 2.303.2 >= 2.304, <= 2.318 CVE-2021-21696
maven MAVEN:GHSA-C5R9-RX53-Q3GF Agent-to-controller access control allowed writing to sensitive directory used by Jenkins Pipeline: Shared Groovy Libraries Plugin high 2022-05-24T19:19:43
(2 years ago)
Fixed = 2.303.3 = 2.319 CVE-2021-21696
maven MAVEN:GHSA-C5R9-RX53-Q3GF Agent-to-controller access control allowed writing to sensitive directory used by Jenkins Pipeline: Shared Groovy Libraries Plugin high 2022-05-24T19:19:43
(2 years ago)
Affected >= 2.205, <= 2.227 <= 2.204.5 CVE-2020-2160
maven MAVEN:GHSA-C735-G9F2-2MVP Cross-Site Request Forgery in Jenkins high 2022-05-24T17:12:40
(2 years ago)
Fixed = 2.228 = 2.204.6 CVE-2020-2160
maven MAVEN:GHSA-C735-G9F2-2MVP Cross-Site Request Forgery in Jenkins high 2022-05-24T17:12:40
(2 years ago)
Affected >= 2.388, < 2.394 < 2.375.4 >= 2.376, < 2.387.1 CVE-2023-27902
maven MAVEN:GHSA-CJ6R-8PXJ-5JV6 Incorrect Permission Preservation in Jenkins Core moderate 2023-03-10T21:30:19
(18 months ago)
Fixed = 2.394 = 2.375.4 = 2.387.1 CVE-2023-27902
maven MAVEN:GHSA-CJ6R-8PXJ-5JV6 Incorrect Permission Preservation in Jenkins Core moderate 2023-03-10T21:30:19
(18 months ago)
Affected >= 2.108, <= 2.115 <= 2.107.1 CVE-2018-1000169
maven MAVEN:GHSA-CPW3-X7GF-P872 Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-14T00:55:17
(2 years ago)
Fixed = 2.116 = 2.107.2 CVE-2018-1000169
maven MAVEN:GHSA-CPW3-X7GF-P872 Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-14T00:55:17
(2 years ago)
Affected >= 2.204.6, <= 2.227 <= 2.204.5 CVE-2020-2162
maven MAVEN:GHSA-CRG2-6XV3-QG5F Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-24T17:12:40
(2 years ago)
Fixed = 2.228 CVE-2020-2162
maven MAVEN:GHSA-CRG2-6XV3-QG5F Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-24T17:12:40
(2 years ago)
Affected <= 2.303.2 >= 2.304, <= 2.318 CVE-2021-21697
maven MAVEN:GHSA-CV2W-Q8C3-XJV7 Agent-to-controller access control allows reading/writing most content of build directories in Jenkins critical 2022-05-24T19:19:43
(2 years ago)
Fixed = 2.303.3 = 2.319 CVE-2021-21697
maven MAVEN:GHSA-CV2W-Q8C3-XJV7 Agent-to-controller access control allows reading/writing most content of build directories in Jenkins critical 2022-05-24T19:19:43
(2 years ago)
Affected < 2.303.3 >= 2.304, <= 2.318 CVE-2021-21695
maven MAVEN:GHSA-CVVM-4CR9-R436 Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:43
(2 years ago)
Fixed = 2.303.3 = 2.319 CVE-2021-21695
maven MAVEN:GHSA-CVVM-4CR9-R436 Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:43
(2 years ago)
Affected < 1.565.3 >= 1.566, < 1.583 CVE-2014-3681
maven MAVEN:GHSA-CWH9-F8M6-6R63 Jenkins Cross-site Scripting vulnerability moderate 2022-05-14T01:48:04
(2 years ago)
Fixed = 1.565.3 = 1.583 CVE-2014-3681
maven MAVEN:GHSA-CWH9-F8M6-6R63 Jenkins Cross-site Scripting vulnerability moderate 2022-05-14T01:48:04
(2 years ago)
Affected >= 2.264, <= 2.274 <= 2.263.1 CVE-2021-21607
maven MAVEN:GHSA-CXQW-VJCR-GP5G Excessive memory allocation in graph URLs leads to denial of service in Jenkins moderate 2022-05-24T17:39:13
(2 years ago)
Fixed = 2.275 = 2.263.2 CVE-2021-21607
maven MAVEN:GHSA-CXQW-VJCR-GP5G Excessive memory allocation in graph URLs leads to denial of service in Jenkins moderate 2022-05-24T17:39:13
(2 years ago)
Affected >= 2.264, <= 2.274 < 2.263.2 CVE-2021-21606
maven MAVEN:GHSA-F585-9FW3-RJ2M Arbitrary file existence check in file fingerprints in Jenkins moderate 2022-05-24T17:39:12
(2 years ago)
Fixed = 2.275 = 2.263.2 CVE-2021-21606
maven MAVEN:GHSA-F585-9FW3-RJ2M Arbitrary file existence check in file fingerprints in Jenkins moderate 2022-05-24T17:39:12
(2 years ago)
Affected >= 2.74, <= 2.83 <= 2.73.1 CVE-2017-1000394
maven MAVEN:GHSA-F7F6-XRWC-9C57 Improper Input Validation in Jenkins high 2022-05-14T01:04:31
(2 years ago)
Fixed = 2.84 = 2.73.2 CVE-2017-1000394
maven MAVEN:GHSA-F7F6-XRWC-9C57 Improper Input Validation in Jenkins high 2022-05-14T01:04:31
(2 years ago)
Affected >= 2.34, <= 2.43 <= 2.32.1 CVE-2017-2602
maven MAVEN:GHSA-FFGG-VPHH-V273 Incomplete List of Disallowed Inputs in Jenkins moderate 2022-05-13T01:36:56
(2 years ago)
Fixed = 2.44 = 2.32.2 CVE-2017-2602
maven MAVEN:GHSA-FFGG-VPHH-V273 Incomplete List of Disallowed Inputs in Jenkins moderate 2022-05-13T01:36:56
(2 years ago)
Affected >= 1.513, < 1.514 < 1.509.1 CVE-2013-2034
maven MAVEN:GHSA-FG4R-F9J2-36MW Jenkins Cross-Site Request Forgery vulnerabilities moderate 2022-05-17T03:51:00
(2 years ago)
Fixed = 1.514 = 1.509.1 CVE-2013-2034
maven MAVEN:GHSA-FG4R-F9J2-36MW Jenkins Cross-Site Request Forgery vulnerabilities moderate 2022-05-17T03:51:00
(2 years ago)
Affected >= 2.205, <= 2.218 <= 2.204.1 CVE-2020-2102
maven MAVEN:GHSA-FJ6F-6933-839J Non-constant time HMAC comparison moderate 2022-05-24T17:07:40
(2 years ago)
Fixed = 2.219 = 2.204.2 CVE-2020-2102
maven MAVEN:GHSA-FJ6F-6933-839J Non-constant time HMAC comparison moderate 2022-05-24T17:07:40
(2 years ago)
Affected >= 2.74, <= 2.83 <= 2.73.1 CVE-2017-1000396
maven MAVEN:GHSA-FQ9F-9WV9-RFMG Improper Certificate Validation in Jenkins moderate 2022-05-14T01:04:35
(2 years ago)
Fixed = 2.84 = 2.73.2 CVE-2017-1000396
maven MAVEN:GHSA-FQ9F-9WV9-RFMG Improper Certificate Validation in Jenkins moderate 2022-05-14T01:04:35
(2 years ago)
Affected >= 2.376, < 2.387.1 >= 2.388, < 2.394 < 2.375.4 CVE-2023-27900
maven MAVEN:GHSA-FRGR-C5F2-8QHH Denial of service in Jenkins Core moderate 2023-03-10T21:30:19
(18 months ago)
Fixed = 2.387.1 = 2.394 = 2.375.4 CVE-2023-27900
maven MAVEN:GHSA-FRGR-C5F2-8QHH Denial of service in Jenkins Core moderate 2023-03-10T21:30:19
(18 months ago)
Affected >= 2.34, < 2.44 < 2.32.2 CVE-2017-2608
maven MAVEN:GHSA-FWQR-3PVP-PJWQ Deserialization of Untrusted Data in Jenkins high 2022-05-13T01:36:54
(2 years ago)
Fixed = 2.44 = 2.32.2 CVE-2017-2608
maven MAVEN:GHSA-FWQR-3PVP-PJWQ Deserialization of Untrusted Data in Jenkins high 2022-05-13T01:36:54
(2 years ago)
Affected < 1.532.2 >= 1.533, < 1.551 CVE-2014-2065
maven MAVEN:GHSA-FXJ8-CQCP-3VGQ Jenkins cross-site scripting (XSS) vulnerability moderate 2022-05-17T03:53:42
(2 years ago)
Fixed = 1.532.2 = 1.551 CVE-2014-2065
maven MAVEN:GHSA-FXJ8-CQCP-3VGQ Jenkins cross-site scripting (XSS) vulnerability moderate 2022-05-17T03:53:42
(2 years ago)
Affected < 1.565.3 >= 1.566, < 1.583 CVE-2014-3662
maven MAVEN:GHSA-FXQR-PX2M-FVC2 Jenkins Exposure of Sensitive Information to an Unauthorized Actor vulnerability moderate 2022-05-17T03:53:35
(2 years ago)
Fixed = 1.565.3 = 1.583 CVE-2014-3662
maven MAVEN:GHSA-FXQR-PX2M-FVC2 Jenkins Exposure of Sensitive Information to an Unauthorized Actor vulnerability moderate 2022-05-17T03:53:35
(2 years ago)
Affected >= 2.236, <= 2.244 <= 2.235.1 CVE-2020-2221
maven MAVEN:GHSA-G4J6-M3M3-CRW8 Stored XSS vulnerability in Jenkins upstream cause high 2022-05-24T17:23:38
(2 years ago)
Fixed = 2.245 = 2.235.2 CVE-2020-2221
maven MAVEN:GHSA-G4J6-M3M3-CRW8 Stored XSS vulnerability in Jenkins upstream cause high 2022-05-24T17:23:38
(2 years ago)
Affected >= 2.74, <= 2.83 <= 2.73.1 CVE-2017-1000399
maven MAVEN:GHSA-G78X-XMV8-23XP Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-14T01:04:36
(2 years ago)
Fixed = 2.84 = 2.73.2 CVE-2017-1000399
maven MAVEN:GHSA-G78X-XMV8-23XP Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-14T01:04:36
(2 years ago)
Affected < 1.586 CVE-2014-9634
maven MAVEN:GHSA-G7CF-WG27-QW87 Jenkins secure flag not set on session cookies moderate 2022-05-17T00:50:18
(2 years ago)
Fixed = 1.586 CVE-2014-9634
maven MAVEN:GHSA-G7CF-WG27-QW87 Jenkins secure flag not set on session cookies moderate 2022-05-17T00:50:18
(2 years ago)
Affected > 2.222.1, <= 2.227 <= 2.204.5 CVE-2020-2161
maven MAVEN:GHSA-G8PG-QRVM-WGH2 Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-24T17:12:40
(2 years ago)
Fixed = 2.228 = 2.204.6 CVE-2020-2161
maven MAVEN:GHSA-G8PG-QRVM-WGH2 Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-24T17:12:40
(2 years ago)
Affected >= 2.236, <= 2.244 <= 2.235.1 CVE-2020-2223
maven MAVEN:GHSA-GFHJ-524Q-GCRM Stored XSS vulnerability in Jenkins console links high 2022-05-24T17:23:38
(2 years ago)
Fixed = 2.245 = 2.235.2 CVE-2020-2223
maven MAVEN:GHSA-GFHJ-524Q-GCRM Stored XSS vulnerability in Jenkins console links high 2022-05-24T17:23:38
(2 years ago)
Affected >= 2.205, < 2.219 < 2.204.2 CVE-2020-2100
maven MAVEN:GHSA-GPXV-776P-7GC7 Jenkins vulnerable to UDP amplification reflection attack moderate 2022-05-24T17:07:40
(2 years ago)
Fixed = 2.219 = 2.204.2 CVE-2020-2100
maven MAVEN:GHSA-GPXV-776P-7GC7 Jenkins vulnerable to UDP amplification reflection attack moderate 2022-05-24T17:07:40
(2 years ago)
Affected < 1.480.3 >= 1.481, < 1.502 CVE-2013-7330
maven MAVEN:GHSA-H5JV-HG68-MJHG Jenkins allows attackers to configure restricted projects moderate 2022-05-17T03:53:55
(2 years ago)
Fixed = 1.480.3 = 1.502 CVE-2013-7330
maven MAVEN:GHSA-H5JV-HG68-MJHG Jenkins allows attackers to configure restricted projects moderate 2022-05-17T03:53:55
(2 years ago)
Affected >= 2.376, < 2.387.1 >= 2.388, < 2.394 < 2.375.4 CVE-2023-27901
maven MAVEN:GHSA-H76P-MC68-JV3P Denial of service in Jenkins Core high 2023-03-10T21:30:19
(18 months ago)
Fixed = 2.387.1 = 2.394 = 2.375.4 CVE-2023-27901
maven MAVEN:GHSA-H76P-MC68-JV3P Denial of service in Jenkins Core high 2023-03-10T21:30:19
(18 months ago)
Affected >= 2.470, < 2.471 >= 2.460, < 2.462.1 < 2.452.4 CVE-2024-43044
maven MAVEN:GHSA-H856-FFVV-XVR4 Jenkins Remoting library arbitrary file read vulnerability critical 2024-08-07T15:30:42
(5 weeks ago)
Fixed = 2.471 = 2.462.1 = 2.452.4 CVE-2024-43044
maven MAVEN:GHSA-H856-FFVV-XVR4 Jenkins Remoting library arbitrary file read vulnerability critical 2024-08-07T15:30:42
(5 weeks ago)
Affected >= 2.74, <= 2.83 <= 2.73.1 CVE-2017-1000401
maven MAVEN:GHSA-H8C5-C92G-JQ6X Improper Input Validation in Jenkins low 2022-05-14T01:04:35
(2 years ago)
Fixed = 2.84 = 2.73.2 CVE-2017-1000401
maven MAVEN:GHSA-H8C5-C92G-JQ6X Improper Input Validation in Jenkins low 2022-05-14T01:04:35
(2 years ago)
Affected >= 2.74, <= 2.83 <= 2.73.1 CVE-2017-1000398
maven MAVEN:GHSA-H972-CWJV-2V39 Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-14T01:04:35
(2 years ago)
Fixed = 2.84 = 2.73.2 CVE-2017-1000398
maven MAVEN:GHSA-H972-CWJV-2V39 Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-14T01:04:35
(2 years ago)
Affected >= 2.177, <= 2.185 <= 2.176.1 CVE-2019-10353
maven MAVEN:GHSA-HCXF-RQ72-H4RR Cross-Site Request Forgery in Jenkins high 2022-05-24T16:50:30
(2 years ago)
Fixed = 2.186 = 2.176.2 CVE-2019-10353
maven MAVEN:GHSA-HCXF-RQ72-H4RR Cross-Site Request Forgery in Jenkins high 2022-05-24T16:50:30
(2 years ago)
Affected >= 2.388, < 2.394 >= 2.376, < 2.387.1 < 2.375.4 CVE-2023-27899
maven MAVEN:GHSA-HF9H-VV4M-2F33 Incorrect Authorization in Jenkins Core high 2023-03-10T21:30:19
(18 months ago)
Fixed = 2.394 = 2.387.1 = 2.375.4 CVE-2023-27899
maven MAVEN:GHSA-HF9H-VV4M-2F33 Incorrect Authorization in Jenkins Core high 2023-03-10T21:30:19
(18 months ago)
Affected >= 2.177, <= 2.196 <= 2.176.3 CVE-2019-10401
maven MAVEN:GHSA-HG6G-JJ7G-X6V2 Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-24T22:00:43
(2 years ago)
Fixed = 2.197 = 2.176.4 CVE-2019-10401
maven MAVEN:GHSA-HG6G-JJ7G-X6V2 Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-24T22:00:43
(2 years ago)
Affected >= 2.140, <= 2.153 <= 2.138.3 CVE-2018-1000861
maven MAVEN:GHSA-HHPM-5CP2-HG4X Deserialization of Untrusted Data in Jenkins critical 2022-05-13T01:01:00
(2 years ago)
Fixed = 2.154 = 2.138.4 CVE-2018-1000861
maven MAVEN:GHSA-HHPM-5CP2-HG4X Deserialization of Untrusted Data in Jenkins critical 2022-05-13T01:01:00
(2 years ago)
Affected >= 2.140, <= 2.153 <= 2.138.3 CVE-2018-1000862
maven MAVEN:GHSA-HPH9-9VCQ-F7GP Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-14T01:04:36
(2 years ago)
Fixed = 2.154 = 2.138.4 CVE-2018-1000862
maven MAVEN:GHSA-HPH9-9VCQ-F7GP Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-14T01:04:36
(2 years ago)
Affected >= 2.415, < 2.424 >= 2.50, < 2.414.2 CVE-2023-43498
maven MAVEN:GHSA-HQ87-H4JG-VXFW Jenkins temporary uploaded file created with insecure permissions low 2023-09-20T18:30:21
(12 months ago)
Fixed = 2.424 = 2.414.2 CVE-2023-43498
maven MAVEN:GHSA-HQ87-H4JG-VXFW Jenkins temporary uploaded file created with insecure permissions low 2023-09-20T18:30:21
(12 months ago)
Affected >= 2.140, <= 2.145 <= 2.138.1 CVE-2018-1000407
maven MAVEN:GHSA-HV45-5J9H-7FHG Cross-site Scripting in Jenkins moderate 2022-05-14T01:04:36
(2 years ago)
Fixed = 2.146 = 2.138.2 CVE-2018-1000407
maven MAVEN:GHSA-HV45-5J9H-7FHG Cross-site Scripting in Jenkins moderate 2022-05-14T01:04:36
(2 years ago)
Affected >= 2.236, <= 2.251 <= 2.235.3 CVE-2020-2229
maven MAVEN:GHSA-HVMC-7G2X-R3P9 Jenkins Cross-Site Scripting vulnerability in help icons high 2022-05-24T17:25:24
(2 years ago)
Fixed = 2.252 = 2.235.4 CVE-2020-2229
maven MAVEN:GHSA-HVMC-7G2X-R3P9 Jenkins Cross-Site Scripting vulnerability in help icons high 2022-05-24T17:25:24
(2 years ago)
Affected >= 2.177, <= 2.196 <= 2.176.3 CVE-2019-10406
maven MAVEN:GHSA-HW55-F8WC-82M6 Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-24T22:00:44
(2 years ago)
Fixed = 2.197 = 2.176.4 CVE-2019-10406
maven MAVEN:GHSA-HW55-F8WC-82M6 Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-24T22:00:44
(2 years ago)
Affected < 2.303.3 >= 2.304, <= 2.318 CVE-2021-21689
maven MAVEN:GHSA-J3CQ-H6VH-GX7F Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:44
(2 years ago)
Fixed = 2.303.3 = 2.319 CVE-2021-21689
maven MAVEN:GHSA-J3CQ-H6VH-GX7F Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:44
(2 years ago)
Affected >= 2.74, <= 2.83 <= 2.73.1 CVE-2017-1000393
maven MAVEN:GHSA-J472-MCQ2-95P6 OS Command Injection in Jenkins high 2022-05-14T01:04:30
(2 years ago)
Fixed = 2.84 = 2.73.2 CVE-2017-1000393
maven MAVEN:GHSA-J472-MCQ2-95P6 OS Command Injection in Jenkins high 2022-05-14T01:04:30
(2 years ago)
Affected < 2.375.4 >= 2.376, < 2.394 CVE-2023-27898
maven MAVEN:GHSA-J664-QHH4-HPF8 Cross-site Scripting vulnerability in Jenkins high 2023-03-10T21:30:19
(18 months ago)
Fixed = 2.375.4 = 2.394 CVE-2023-27898
maven MAVEN:GHSA-J664-QHH4-HPF8 Cross-site Scripting vulnerability in Jenkins high 2023-03-10T21:30:19
(18 months ago)
Affected >= 2.122, < 2.132 < 2.121.2 CVE-2018-1999001
maven MAVEN:GHSA-J8QV-MJ4R-6FW4 Improper Input Validation in Jenkins high 2022-05-13T01:01:00
(2 years ago)
Fixed = 2.132 = 2.121.2 CVE-2018-1999001
maven MAVEN:GHSA-J8QV-MJ4R-6FW4 Improper Input Validation in Jenkins high 2022-05-13T01:01:00
(2 years ago)
Affected >= 2.34, < 2.44 < 2.32.2 CVE-2017-2610
maven MAVEN:GHSA-JFF5-55XJ-4JCQ Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-13T01:36:54
(2 years ago)
Fixed = 2.44 = 2.32.2 CVE-2017-2610
maven MAVEN:GHSA-JFF5-55XJ-4JCQ Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-13T01:36:54
(2 years ago)
Affected < 1.650 CVE-2016-0790
maven MAVEN:GHSA-JGPR-QRW2-6GP3 Exposure of Sensitive Information in Jenkins Core moderate 2022-05-14T03:58:16
(2 years ago)
Fixed = 1.650 CVE-2016-0790
maven MAVEN:GHSA-JGPR-QRW2-6GP3 Exposure of Sensitive Information in Jenkins Core moderate 2022-05-14T03:58:16
(2 years ago)
Affected < 1.650 CVE-2016-0791
maven MAVEN:GHSA-JMW7-PH6P-33CC Exposure of Sensitive Information in Jenkins Core critical 2022-05-14T03:58:15
(2 years ago)
Fixed = 1.650 CVE-2016-0791
maven MAVEN:GHSA-JMW7-PH6P-33CC Exposure of Sensitive Information in Jenkins Core critical 2022-05-14T03:58:15
(2 years ago)
Affected >= 2.237, <= 2.251 <= 2.235.3 CVE-2020-2231
maven MAVEN:GHSA-JPVQ-V729-7J2H Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-24T17:25:24
(2 years ago)
Fixed = 2.252 = 2.235.4 CVE-2020-2231
maven MAVEN:GHSA-JPVQ-V729-7J2H Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-24T17:25:24
(2 years ago)
Affected < 1.480.2 >= 1.481, < 1.498 CVE-2013-0158
maven MAVEN:GHSA-JWFR-H6JP-9P2G Jenkins allows attackers to obtain the master cryptographic key low 2022-05-05T02:48:30
(2 years ago)
Fixed = 1.480.2 = 1.498 CVE-2013-0158
maven MAVEN:GHSA-JWFR-H6JP-9P2G Jenkins allows attackers to obtain the master cryptographic key low 2022-05-05T02:48:30
(2 years ago)
Affected >= 2.34, <= 2.43 <= 2.32.1 CVE-2017-2604
maven MAVEN:GHSA-M93H-5QMX-PPHG Improper Authentication in Jenkins moderate 2022-05-13T01:36:54
(2 years ago)
Fixed = 2.44 = 2.32.2 CVE-2017-2604
maven MAVEN:GHSA-M93H-5QMX-PPHG Improper Authentication in Jenkins moderate 2022-05-13T01:36:54
(2 years ago)
Affected <= 2.303.2 >= 2.304, <= 2.318 CVE-2021-21688
maven MAVEN:GHSA-M9HR-259F-2V23 Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:44
(2 years ago)
Fixed = 2.303.3 = 2.319 CVE-2021-21688
maven MAVEN:GHSA-M9HR-259F-2V23 Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:44
(2 years ago)
Affected >= 2.332, < 2.332.4 >= 2.340, < 2.356 CVE-2022-34172
maven MAVEN:GHSA-MHP7-3393-PFQR Cross-site Scripting vulnerability in Jenkins high 2022-06-24T00:00:31
(2 years ago)
Fixed = 2.332.4 = 2.356 CVE-2022-34172
maven MAVEN:GHSA-MHP7-3393-PFQR Cross-site Scripting vulnerability in Jenkins high 2022-06-24T00:00:31
(2 years ago)
Affected >= 2.264, <= 2.274 <= 2.263.1 CVE-2021-21611
maven MAVEN:GHSA-MJ7Q-CMF3-MG7H Stored XSS vulnerability in Jenkins on new item page moderate 2022-05-24T17:39:13
(2 years ago)
Fixed = 2.275 = 2.263.2 CVE-2021-21611
maven MAVEN:GHSA-MJ7Q-CMF3-MG7H Stored XSS vulnerability in Jenkins on new item page moderate 2022-05-24T17:39:13
(2 years ago)
Affected >= 2.122, <= 2.132 < 2.121.2 CVE-2018-1999003
maven MAVEN:GHSA-P265-XR98-3VMR Incorrect Authorization in Jenkins moderate 2022-05-13T01:00:59
(2 years ago)
Fixed = 2.133 = 2.121.2 CVE-2018-1999003
maven MAVEN:GHSA-P265-XR98-3VMR Incorrect Authorization in Jenkins moderate 2022-05-13T01:00:59
(2 years ago)
Affected >= 2.335, < 2.356 CVE-2022-34175
maven MAVEN:GHSA-P3RC-946H-8CF5 Unauthorized view fragment access in Jenkins high 2022-06-24T00:00:31
(2 years ago)
Fixed = 2.356 CVE-2022-34175
maven MAVEN:GHSA-P3RC-946H-8CF5 Unauthorized view fragment access in Jenkins high 2022-06-24T00:00:31
(2 years ago)
Affected >= 2.74, <= 2.83 <= 2.73.1 CVE-2017-1000400
maven MAVEN:GHSA-P8X8-P473-MMMV Missing Authorization in Jenkins moderate 2022-05-13T01:18:20
(2 years ago)
Fixed = 2.84 = 2.73.2 CVE-2017-1000400
maven MAVEN:GHSA-P8X8-P473-MMMV Missing Authorization in Jenkins moderate 2022-05-13T01:18:20
(2 years ago)
Affected >= 2.320, < 2.330 < 2.319.2 CVE-2022-20612
maven MAVEN:GHSA-P92Q-7FHH-MQ35 Cross-Site Request Forgery in Jenkins moderate 2022-01-21T23:37:57
(2 years ago)
Fixed = 2.330 = 2.319.2 CVE-2022-20612
maven MAVEN:GHSA-P92Q-7FHH-MQ35 Cross-Site Request Forgery in Jenkins moderate 2022-01-21T23:37:57
(2 years ago)
Affected < 1.424.2 >= 1.425, < 1.447 CVE-2012-0785
maven MAVEN:GHSA-PCHP-C5W8-47GC Hash collision attack vulnerability in Jenkins high 2022-04-23T00:40:48
(2 years ago)
Fixed = 1.424.2 = 1.447 CVE-2012-0785
maven MAVEN:GHSA-PCHP-C5W8-47GC Hash collision attack vulnerability in Jenkins high 2022-04-23T00:40:48
(2 years ago)
Affected <= 2.303.2 >= 2.304, <= 2.318 CVE-2021-21694
maven MAVEN:GHSA-PGJ6-JMJ5-WQFX Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:44
(2 years ago)
Fixed = 2.303.3 = 2.319 CVE-2021-21694
maven MAVEN:GHSA-PGJ6-JMJ5-WQFX Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins critical 2022-05-24T19:19:44
(2 years ago)
Affected >= 2.122, < 2.132 < 2.121.2 CVE-2018-1999005
maven MAVEN:GHSA-PGXV-H967-FW2Q Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-13T01:01:01
(2 years ago)
Fixed = 2.132 = 2.121.2 CVE-2018-1999005
maven MAVEN:GHSA-PGXV-H967-FW2Q Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-13T01:01:01
(2 years ago)
Affected < 1.532.2 >= 1.533, < 1.551 CVE-2014-2068
maven MAVEN:GHSA-PV88-J6RG-R56P Jenkins allows attackers to obtain sensitive information low 2022-05-17T03:53:42
(2 years ago)
Fixed = 1.532.2 = 1.551 CVE-2014-2068
maven MAVEN:GHSA-PV88-J6RG-R56P Jenkins allows attackers to obtain sensitive information low 2022-05-17T03:53:42
(2 years ago)
Affected < 2.277.2 >= 2.278, <= 2.286 CVE-2021-21639
maven MAVEN:GHSA-PVWX-3JX5-24R2 Lack of type validation in agent related REST API in Jenkins moderate 2022-05-24T17:46:47
(2 years ago)
Fixed = 2.277.2 = 2.287 CVE-2021-21639
maven MAVEN:GHSA-PVWX-3JX5-24R2 Lack of type validation in agent related REST API in Jenkins moderate 2022-05-24T17:46:47
(2 years ago)
Affected >= 2.34, < 2.44 < 2.32.2 CVE-2017-2613
maven MAVEN:GHSA-PWV6-872C-GCG6 Cross-Site Request Forgery in Jenkins moderate 2022-05-13T01:36:54
(2 years ago)
Fixed = 2.44 = 2.32.2 CVE-2017-2613
maven MAVEN:GHSA-PWV6-872C-GCG6 Cross-Site Request Forgery in Jenkins moderate 2022-05-13T01:36:54
(2 years ago)
Affected >= 2.264, < 2.275 < 2.263.2 CVE-2021-21605
maven MAVEN:GHSA-PXGQ-GQR9-5GWX Path traversal vulnerability in Jenkins agent names high 2022-05-24T17:39:13
(2 years ago)
Fixed = 2.275 = 2.263.2 CVE-2021-21605
maven MAVEN:GHSA-PXGQ-GQR9-5GWX Path traversal vulnerability in Jenkins agent names high 2022-05-24T17:39:13
(2 years ago)
Affected >= 2.122, < 2.138 < 2.121.3 CVE-2018-1999045
maven MAVEN:GHSA-Q4CQ-R7HG-PXQQ Improper Authentication in Jenkins moderate 2022-05-14T01:04:56
(2 years ago)
Fixed = 2.138 = 2.121.3 CVE-2018-1999045
maven MAVEN:GHSA-Q4CQ-R7HG-PXQQ Improper Authentication in Jenkins moderate 2022-05-14T01:04:56
(2 years ago)
Affected >= 2.292, <= 2.299 <= 2.289.1 CVE-2021-21670
maven MAVEN:GHSA-Q4WP-8C99-69PW Improper permission checks allow canceling queue items and aborting builds in Jenkins moderate 2022-05-24T19:06:36
(2 years ago)
Fixed = 2.300 = 2.289.2 CVE-2021-21670
maven MAVEN:GHSA-Q4WP-8C99-69PW Improper permission checks allow canceling queue items and aborting builds in Jenkins moderate 2022-05-24T19:06:36
(2 years ago)
Affected < 1.502 CVE-2013-0328
maven MAVEN:GHSA-Q5F8-FXRX-PW6F Jenkins subject to Cross-site Scripting moderate 2022-05-05T02:48:48
(2 years ago)
Fixed = 1.502 CVE-2013-0328
maven MAVEN:GHSA-Q5F8-FXRX-PW6F Jenkins subject to Cross-site Scripting moderate 2022-05-05T02:48:48
(2 years ago)
Affected >= 2.177, <= 2.196 <= 2.176.3 CVE-2019-10402
maven MAVEN:GHSA-Q6Q9-83XW-MP6P Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-24T22:00:43
(2 years ago)
Fixed = 2.197 = 2.176.4 CVE-2019-10402
maven MAVEN:GHSA-Q6Q9-83XW-MP6P Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-24T22:00:43
(2 years ago)
Affected >= 2.122, < 2.132 < 2.121.2 CVE-2018-1999002
maven MAVEN:GHSA-QF38-F2FR-Q4X9 Improper Input Validation in Jenkins high 2022-05-13T01:01:02
(2 years ago)
Fixed = 2.132 = 2.121.2 CVE-2018-1999002
maven MAVEN:GHSA-QF38-F2FR-Q4X9 Improper Input Validation in Jenkins high 2022-05-13T01:01:02
(2 years ago)
Affected < 1.596.1 >= 1.597, < 1.600 CVE-2015-1811
maven MAVEN:GHSA-QG7X-4H4Q-3M49 XML external entity (XXE) vulnerability in Jenkins high 2022-05-24T17:06:12
(2 years ago)
Fixed = 1.596.1 = 1.600 CVE-2015-1811
maven MAVEN:GHSA-QG7X-4H4Q-3M49 XML external entity (XXE) vulnerability in Jenkins high 2022-05-24T17:06:12
(2 years ago)
Affected >= 2.236, <= 2.244 <= 2.235.1 CVE-2020-2220
maven MAVEN:GHSA-QGJ4-RC8M-44MQ Stored XSS vulnerability in Jenkins job build time trend high 2022-05-24T17:23:38
(2 years ago)
Fixed = 2.245 = 2.235.2 CVE-2020-2220
maven MAVEN:GHSA-QGJ4-RC8M-44MQ Stored XSS vulnerability in Jenkins job build time trend high 2022-05-24T17:23:38
(2 years ago)
Affected < 1.596.1 >= 1.597, < 1.600 CVE-2015-1809
maven MAVEN:GHSA-QJ27-W92H-FC9R XML external entity (XXE) vulnerability in Jenkins high 2022-05-24T17:06:12
(2 years ago)
Fixed = 1.596.1 = 1.600 CVE-2015-1809
maven MAVEN:GHSA-QJ27-W92H-FC9R XML external entity (XXE) vulnerability in Jenkins high 2022-05-24T17:06:12
(2 years ago)
Affected >= 2.205, < 2.214 < 2.204.2 CVE-2020-2099
maven MAVEN:GHSA-QP4F-2W67-C8HW Inbound TCP Agent Protocol/3 authentication bypass in Jenkins high 2022-05-24T17:07:40
(2 years ago)
Fixed = 2.214 = 2.204.2 CVE-2020-2099
maven MAVEN:GHSA-QP4F-2W67-C8HW Inbound TCP Agent Protocol/3 authentication bypass in Jenkins high 2022-05-24T17:07:40
(2 years ago)
Affected >= 2.165, <= 2.171 <= 2.164.1 CVE-2019-1003050
maven MAVEN:GHSA-QPG9-83FV-X9CH Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-13T01:01:01
(2 years ago)
Fixed = 2.172 = 2.164.2 CVE-2019-1003050
maven MAVEN:GHSA-QPG9-83FV-X9CH Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-13T01:01:01
(2 years ago)
Affected >= 2.177, <= 2.185 <= 2.176.1 CVE-2019-10352
maven MAVEN:GHSA-QR42-82QJ-MW65 Improper Limitation of a Pathname to a Restricted Directory in Jenkins moderate 2022-05-24T16:50:30
(2 years ago)
Fixed = 2.186 = 2.176.2 CVE-2019-10352
maven MAVEN:GHSA-QR42-82QJ-MW65 Improper Limitation of a Pathname to a Restricted Directory in Jenkins moderate 2022-05-24T16:50:30
(2 years ago)
Affected >= 2.415, < 2.424 >= 2.50, < 2.414.2 CVE-2023-43497
maven MAVEN:GHSA-QV64-W99C-QCR9 Jenkins temporary uploaded file created with insecure permissions low 2023-09-20T18:30:21
(12 months ago)
Fixed = 2.424 = 2.414.2 CVE-2023-43497
maven MAVEN:GHSA-QV64-W99C-QCR9 Jenkins temporary uploaded file created with insecure permissions low 2023-09-20T18:30:21
(12 months ago)
Affected >= 2.264, <= 2.274 <= 2.263.1 CVE-2021-21604
maven MAVEN:GHSA-QV6F-RCV6-6Q3X Improper handling of REST API XML deserialization errors in Jenkins high 2022-05-24T17:39:12
(2 years ago)
Fixed = 2.275 = 2.263.2 CVE-2021-21604
maven MAVEN:GHSA-QV6F-RCV6-6Q3X Improper handling of REST API XML deserialization errors in Jenkins high 2022-05-24T17:39:12
(2 years ago)
Affected >= 2.264, <= 2.275 <= 2.263.2 CVE-2021-21615
maven MAVEN:GHSA-QXP6-27GW-99CJ Time-of-check Time-of-use (TOCTOU) Race Condition in Jenkins moderate 2022-05-24T17:40:19
(2 years ago)
Fixed = 2.276 = 2.263.3 CVE-2021-21615
maven MAVEN:GHSA-QXP6-27GW-99CJ Time-of-check Time-of-use (TOCTOU) Race Condition in Jenkins moderate 2022-05-24T17:40:19
(2 years ago)
Affected >= 2.122, <= 2.137 <= 2.121.2 CVE-2018-1999047
maven MAVEN:GHSA-R2JF-RC5V-VMPV Incorrect Authorization in Jenkins moderate 2022-05-13T01:50:56
(2 years ago)
Fixed = 2.138 = 2.121.3 CVE-2018-1999047
maven MAVEN:GHSA-R2JF-RC5V-VMPV Incorrect Authorization in Jenkins moderate 2022-05-13T01:50:56
(2 years ago)
Affected <= 2.46.1 >= 2.50, <= 2.56 CVE-2017-1000354
maven MAVEN:GHSA-R57F-7XW3-Q2R9 Improper Authentication in Jenkins high 2022-05-14T03:44:30
(2 years ago)
Fixed = 2.46.2 = 2.57 CVE-2017-1000354
maven MAVEN:GHSA-R57F-7XW3-Q2R9 Improper Authentication in Jenkins high 2022-05-14T03:44:30
(2 years ago)
Affected < 1.565.3 >= 1.566, < 1.583 CVE-2014-3661
maven MAVEN:GHSA-R5M2-G5GC-Q43R Jenkins Denial of Service vulnerability moderate 2022-05-17T03:53:42
(2 years ago)
Fixed = 1.565.3 = 1.583 CVE-2014-3661
maven MAVEN:GHSA-R5M2-G5GC-Q43R Jenkins Denial of Service vulnerability moderate 2022-05-17T03:53:42
(2 years ago)
Affected >= 2.90, <= 2.94 >= 2.81, <= 2.89.1 CVE-2017-1000503
maven MAVEN:GHSA-R5X3-2446-HRP7 Race Condition in Jenkins high 2022-05-14T03:45:22
(2 years ago)
Fixed = 2.95 = 2.89.2 CVE-2017-1000503
maven MAVEN:GHSA-R5X3-2446-HRP7 Race Condition in Jenkins high 2022-05-14T03:45:22
(2 years ago)
Affected >= 2.34, <= 2.43 <= 2.32.1 CVE-2017-2601
maven MAVEN:GHSA-R69C-5J7C-VM6Q Cross-site Scripting in Jenkins moderate 2022-05-13T01:02:35
(2 years ago)
Fixed = 2.44 = 2.32.2 CVE-2017-2601
maven MAVEN:GHSA-R69C-5J7C-VM6Q Cross-site Scripting in Jenkins moderate 2022-05-13T01:02:35
(2 years ago)
Affected >= 2.205, <= 2.218 <= 2.204.1 CVE-2020-2104
maven MAVEN:GHSA-R78Q-QGX6-64PP Memory usage graphs accessible to anyone with Overall/Read moderate 2022-05-24T17:07:40
(2 years ago)
Fixed = 2.219 = 2.204.2 CVE-2020-2104
maven MAVEN:GHSA-R78Q-QGX6-64PP Memory usage graphs accessible to anyone with Overall/Read moderate 2022-05-24T17:07:40
(2 years ago)
Affected >= 2.34, <= 2.43 <= 2.32.1 CVE-2017-2598
maven MAVEN:GHSA-R9Q2-3R6X-QMGP Inadequate Encryption Strength in Jenkins moderate 2022-05-13T01:36:56
(2 years ago)
Fixed = 2.44 = 2.32.2 CVE-2017-2598
maven MAVEN:GHSA-R9Q2-3R6X-QMGP Inadequate Encryption Strength in Jenkins moderate 2022-05-13T01:36:56
(2 years ago)
Affected >= 2.108, <= 2.120 <= 2.107.2 CVE-2018-1000195
maven MAVEN:GHSA-RGMJ-MCCJ-H9MX Cross-Site Request Forgery in Jenkins moderate 2022-05-13T01:01:01
(2 years ago)
Fixed = 2.121 = 2.107.3 CVE-2018-1000195
maven MAVEN:GHSA-RGMJ-MCCJ-H9MX Cross-Site Request Forgery in Jenkins moderate 2022-05-13T01:01:01
(2 years ago)
Affected < 1.480.3 >= 1.481, < 1.502 CVE-2013-0327
maven MAVEN:GHSA-RQHG-CXFR-8XQW Jenkins Cross-Site Request Forgery vulnerability moderate 2022-05-05T02:48:48
(2 years ago)
Fixed = 1.480.3 = 1.502 CVE-2013-0327
maven MAVEN:GHSA-RQHG-CXFR-8XQW Jenkins Cross-Site Request Forgery vulnerability moderate 2022-05-05T02:48:48
(2 years ago)
Affected >= 2.140, <= 2.145 <= 2.138.1 CVE-2018-1000409
maven MAVEN:GHSA-RR6R-P7RW-369C Session Fixation in Jenkins moderate 2022-05-14T01:04:36
(2 years ago)
Fixed = 2.146 = 2.138.2 CVE-2018-1000409
maven MAVEN:GHSA-RR6R-P7RW-369C Session Fixation in Jenkins moderate 2022-05-14T01:04:36
(2 years ago)
Affected >= 2.388, < 2.394 >= 2.376, < 2.387.1 < 2.375.4 CVE-2023-27904
maven MAVEN:GHSA-RRGP-C2W8-6VG6 Information disclosure through error stack traces related to agents low 2023-03-10T21:30:19
(18 months ago)
Fixed = 2.394 = 2.387.1 = 2.375.4 CVE-2023-27904
maven MAVEN:GHSA-RRGP-C2W8-6VG6 Information disclosure through error stack traces related to agents low 2023-03-10T21:30:19
(18 months ago)
Affected < 1.532.2 >= 1.533, < 1.551 CVE-2014-2061
maven MAVEN:GHSA-RXFV-GM5X-9WQJ Jenkin allows attackers to obtain passwords by reading the HTML source code moderate 2022-05-17T03:53:54
(2 years ago)
Fixed = 1.532.2 = 1.551 CVE-2014-2061
maven MAVEN:GHSA-RXFV-GM5X-9WQJ Jenkin allows attackers to obtain passwords by reading the HTML source code moderate 2022-05-17T03:53:54
(2 years ago)
Affected >= 2.34, < 2.44 < 2.32.2 CVE-2017-2609
maven MAVEN:GHSA-V222-W2MW-XJC6 Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-13T01:36:54
(2 years ago)
Fixed = 2.44 = 2.32.2 CVE-2017-2609
maven MAVEN:GHSA-V222-W2MW-XJC6 Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-13T01:36:54
(2 years ago)
Affected < 1.532.2 >= 1.533, < 1.551 CVE-2014-2059
maven MAVEN:GHSA-V759-3FH9-84MX Jenkins directory traversal vulnerability moderate 2022-05-17T01:26:47
(2 years ago)
Fixed = 1.532.2 = 1.551 CVE-2014-2059
maven MAVEN:GHSA-V759-3FH9-84MX Jenkins directory traversal vulnerability moderate 2022-05-17T01:26:47
(2 years ago)
Affected >= 2.177, <= 2.191 <= 2.176.2 CVE-2019-10384
maven MAVEN:GHSA-VCR8-H8QP-QJ8H Cross-Site Request Forgery in Jenkins high 2022-05-24T16:55:01
(2 years ago)
Fixed = 2.192 = 2.176.3 CVE-2019-10384
maven MAVEN:GHSA-VCR8-H8QP-QJ8H Cross-Site Request Forgery in Jenkins high 2022-05-24T16:55:01
(2 years ago)
Affected < 1.532.2 >= 1.533, < 1.551 CVE-2014-2067
maven MAVEN:GHSA-VJ6Q-V2H7-6Q5M Jenkins cross-site scripting (XSS) vulnerability moderate 2022-05-17T01:26:46
(2 years ago)
Fixed = 1.532.2 = 1.551 CVE-2014-2067
maven MAVEN:GHSA-VJ6Q-V2H7-6Q5M Jenkins cross-site scripting (XSS) vulnerability moderate 2022-05-17T01:26:46
(2 years ago)
Affected >= 2.264, <= 2.274 <= 2.263.1 CVE-2021-21602
maven MAVEN:GHSA-VPJM-58CW-R8Q5 Arbitrary file read vulnerability in workspace browsers in Jenkins moderate 2022-05-24T17:39:12
(2 years ago)
Fixed = 2.275 = 2.263.2 CVE-2021-21602
maven MAVEN:GHSA-VPJM-58CW-R8Q5 Arbitrary file read vulnerability in workspace browsers in Jenkins moderate 2022-05-24T17:39:12
(2 years ago)
Affected < 1.532.2 >= 1.533, < 1.551 CVE-2014-2062
maven MAVEN:GHSA-VXC6-WVH8-FPXW Jenkins does not invalidate the API token when a user is deleted moderate 2022-05-17T03:53:54
(2 years ago)
Fixed = 1.532.2 = 1.551 CVE-2014-2062
maven MAVEN:GHSA-VXC6-WVH8-FPXW Jenkins does not invalidate the API token when a user is deleted moderate 2022-05-17T03:53:54
(2 years ago)
Affected < 2.277.2 >= 2.278, <= 2.286 CVE-2021-21640
maven MAVEN:GHSA-W2HV-RCQR-2H7R View name validation bypass in Jenkins moderate 2022-05-24T17:46:47
(2 years ago)
Fixed = 2.277.2 = 2.287 CVE-2021-21640
maven MAVEN:GHSA-W2HV-RCQR-2H7R View name validation bypass in Jenkins moderate 2022-05-24T17:46:47
(2 years ago)
Affected >= 1.600, < 1.606 < 1.596.2 CVE-2015-1812
maven MAVEN:GHSA-W5V7-Q2J4-FVPF Jenkins Cross-site Scripting vulnerability moderate 2022-05-17T03:53:16
(2 years ago)
Fixed = 1.606 = 1.596.2 CVE-2015-1812
maven MAVEN:GHSA-W5V7-Q2J4-FVPF Jenkins Cross-site Scripting vulnerability moderate 2022-05-17T03:53:16
(2 years ago)
Affected >= 2.205, <= 2.218 <= 2.204.1 CVE-2020-2101
maven MAVEN:GHSA-W7JR-WQW6-54XC Non-constant time comparison of inbound TCP agent connection secret moderate 2022-05-24T17:07:40
(2 years ago)
Fixed = 2.219 = 2.204.2 CVE-2020-2101
maven MAVEN:GHSA-W7JR-WQW6-54XC Non-constant time comparison of inbound TCP agent connection secret moderate 2022-05-24T17:07:40
(2 years ago)
Affected >= 2.34, < 2.44 < 2.32.2 CVE-2017-2612
maven MAVEN:GHSA-WF9G-RH76-6JVR Incorrect Permission Assignment for Critical Resource in Jenkins moderate 2022-05-13T01:36:54
(2 years ago)
Fixed = 2.44 = 2.32.2 CVE-2017-2612
maven MAVEN:GHSA-WF9G-RH76-6JVR Incorrect Permission Assignment for Critical Resource in Jenkins moderate 2022-05-13T01:36:54
(2 years ago)
Affected >= 2.74, <= 2.88 <= 2.73.2 CVE-2017-1000391
maven MAVEN:GHSA-WFJ3-535M-P6FX Improper Input Validation in Jenkins high 2022-05-14T01:04:30
(2 years ago)
Fixed = 2.89 = 2.73.3 CVE-2017-1000391
maven MAVEN:GHSA-WFJ3-535M-P6FX Improper Input Validation in Jenkins high 2022-05-14T01:04:30
(2 years ago)
Affected >= 2.34, <= 2.43 <= 2.32.1 CVE-2017-2600
maven MAVEN:GHSA-WJ5C-J656-H5FW Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-13T01:36:55
(2 years ago)
Fixed = 2.44 = 2.32.2 CVE-2017-2600
maven MAVEN:GHSA-WJ5C-J656-H5FW Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-13T01:36:55
(2 years ago)
Affected >= 2.122, < 2.132 < 2.121.2 CVE-2018-1999004
maven MAVEN:GHSA-WMR8-25FF-GGPJ Incorrect Authorization in Jenkins moderate 2022-05-13T01:01:02
(2 years ago)
Fixed = 2.132 = 2.121.2 CVE-2018-1999004
maven MAVEN:GHSA-WMR8-25FF-GGPJ Incorrect Authorization in Jenkins moderate 2022-05-13T01:01:02
(2 years ago)
Affected >= 2.74, <= 2.83 <= 2.73.1 CVE-2017-1000395
maven MAVEN:GHSA-WQV4-9GR3-3QGH Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-14T01:04:35
(2 years ago)
Fixed = 2.84 = 2.73.2 CVE-2017-1000395
maven MAVEN:GHSA-WQV4-9GR3-3QGH Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-14T01:04:35
(2 years ago)
Affected >= 2.263.2, <= 2.274 < 2.263.1 CVE-2021-21608
maven MAVEN:GHSA-WV63-GWR9-5C55 Stored XSS vulnerability in Jenkins button labels moderate 2022-05-24T17:39:12
(2 years ago)
Fixed = 2.275 CVE-2021-21608
maven MAVEN:GHSA-WV63-GWR9-5C55 Stored XSS vulnerability in Jenkins button labels moderate 2022-05-24T17:39:12
(2 years ago)
Affected < 1.640 CVE-2015-7536
maven MAVEN:GHSA-X3P3-929J-PQ66 Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-17T03:53:41
(2 years ago)
Fixed = 1.640 CVE-2015-7536
maven MAVEN:GHSA-X3P3-929J-PQ66 Improper Neutralization of Input During Web Page Generation in Jenkins moderate 2022-05-17T03:53:41
(2 years ago)
Affected < 2.94 CVE-2017-17383
maven MAVEN:GHSA-X3RC-CXV7-6XP6 Cross-site Scripting in Jenkins Core moderate 2022-05-14T04:04:08
(2 years ago)
Fixed = 2.94 CVE-2017-17383
maven MAVEN:GHSA-X3RC-CXV7-6XP6 Cross-site Scripting in Jenkins Core moderate 2022-05-14T04:04:08
(2 years ago)
Affected >= 2.34, <= 2.43 <= 2.32.1 CVE-2017-2603
maven MAVEN:GHSA-X55P-6526-XMMP Exposure of Sensitive Information to an Unauthorized Actor in Jenkins low 2022-05-13T01:36:54
(2 years ago)
Fixed = 2.44 = 2.32.2 CVE-2017-2603
maven MAVEN:GHSA-X55P-6526-XMMP Exposure of Sensitive Information to an Unauthorized Actor in Jenkins low 2022-05-13T01:36:54
(2 years ago)
Affected >= 2.108, <= 2.120 <= 2.107.2 CVE-2018-1000194
maven MAVEN:GHSA-X646-M7X2-GCP7 Path Traversal in Jenkins high 2022-05-13T01:01:01
(2 years ago)
Fixed = 2.121 = 2.107.3 CVE-2018-1000194
maven MAVEN:GHSA-X646-M7X2-GCP7 Path Traversal in Jenkins high 2022-05-13T01:01:01
(2 years ago)
Affected >= 2.90, <= 2.106 <= 2.89.3 CVE-2018-1000068
maven MAVEN:GHSA-X6JW-2F23-MC5J Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-13T01:01:02
(2 years ago)
Fixed = 2.107 = 2.89.4 CVE-2018-1000068
maven MAVEN:GHSA-X6JW-2F23-MC5J Exposure of Sensitive Information to an Unauthorized Actor in Jenkins moderate 2022-05-13T01:01:02
(2 years ago)
Affected >= 2.367, < 2.370 CVE-2022-41224
maven MAVEN:GHSA-XPVP-H73C-M9RQ Jenkins vulnerable to stored cross site scripting in the I:helpIcon component high 2022-09-22T00:00:28
(2 years ago)
Fixed = 2.370 CVE-2022-41224
maven MAVEN:GHSA-XPVP-H73C-M9RQ Jenkins vulnerable to stored cross site scripting in the I:helpIcon component high 2022-09-22T00:00:28
(2 years ago)