Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven org.jenkins-ci.main:jenkins-core Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS00NDY2LThqbTQtNDQ4cM4AAXaQ
Deserialization of Untrusted Data in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13cXY0LTlncjMtM3FnaM4AATfl
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13Mmh2LXJjcXItMmg3cs4AAoE2
View name validation bypass in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00ampqLWNtN3EtdjZocs4AAjcO
Jenkins Diagnostic page exposed session cookies
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13N2pyLXdxdzYtNTR4Y84AAjcJ
Non-constant time comparison of inbound TCP agent connection secret
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wdnd4LTNqeDUtMjRyMs4AAoE-
Lack of type validation in agent related REST API in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS12cGptLTU4Y3ctcjhxNc4AAnOi
Arbitrary file read vulnerability in workspace browsers in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS12eGM2LXd2aDgtZnB4d84AAdTi
Jenkins does not invalidate the API token when a user is deleted
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0zNHd4LXgydzktdnFtM80qIg
DoS vulnerability in bundled XStream library in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS05amN2LXY0anAtdzNjcc4AATfy
Cross-site Scripting in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS01OWZtLTZ4M3EtcTNxNc4AAXuz
Missing permissions check in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1qZ3ByLXFydzItNmdwM84AAXvS
Exposure of Sensitive Information in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00N3djLXA1Y3Atdzdwd84AAq6Q
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1xeHA2LTI3Z3ctOTljas4AAnWa
Time-of-check Time-of-use (TOCTOU) Race Condition in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1tajdxLWNtZjMtbWc3aM4AAnOV
Stored XSS vulnerability in Jenkins on new item page
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS03OGNqLTJtMjktcTVyOc3ibA
Jenkins Cross-Site Request Forgery vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1ycWhnLWN4ZnItOHhxd83iaQ
Jenkins Cross-Site Request Forgery vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS01cHB4LXJndzIteGcyM84AATfi
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wOHg4LXA0NzMtbW1tds37rg
Missing Authorization in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1oOTcyLWN3anYtMnYzOc4AATfs
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1qZmY1LTU1eGotNGpjcc4AARcm
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jcHczLXg3Z2YtcDg3Ms4AATSW
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00aDQ3LWgzY3ItMjN3aM4AASkE
Improper Authorization in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS01cDU5LXY1d20tNzd2NM3mlA
Improper Limitation of a Pathname to a Restricted Directory in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1xNGNxLXI3aGctcHhxcc4AATf1
Improper Authentication in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wMjY1LXhyOTgtM3Ztcs3mbA
Incorrect Authorization in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1xcjQyLTgycWotbXc2Nc4AAhUj
Improper Limitation of a Pathname to a Restricted Directory in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1oZzZnLWpqN2cteDZ2Ms4AAq6R
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1yMmpmLXJjNXYtdm1wds4AASyI
Incorrect Authorization in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05cWdmLTRmcGYtY21oMs4AAq6N
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jcmcyLTZ4djMtcWc1Zs4AAkC-
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0yeGNtLWg3dnYtZzhtOc4AAkDZ
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00Mm02LTd4ZmYtOXY5bc4AARcE
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02bXY5LWhjeDUtN21oaM3mmQ
Server-Side Request Forgery in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05bTQ4LTU0cGotaDI0OM4AAh6P
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0yNzlmLXF3Z2gtaDVtcM4AA1-D
Jenkins does not exclude sensitive build variables from search
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Moderate
GSA_kwCzR0hTQS1yNzhxLXFneDYtNjRwcM4AAjcT
Memory usage graphs accessible to anyone with Overall/Read
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1xNWY4LWZ4cngtcHc2Zs3iYg
Jenkins subject to Cross-site Scripting
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mZzRyLWY5ajItMzZtd84AAdPD
Jenkins Cross-Site Request Forgery vulnerabilities
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1meHFyLXB4Mm0tZnZjMs4AAdTV
Jenkins Exposure of Sensitive Information to an Unauthorized Actor vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0zZ3A1LTkyaDUtaDg1Nc4AAZnO
Jenkins Path Traversal vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1nNzh4LXhtdjgtMjN4cM4AATft
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1xcGc5LTgzZnYteDljaM3mcg
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1majZmLTY5MzMtODM5as4AAjcN
Non-constant time HMAC comparison
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jeHF3LXZqY3ItZ3A1Z84AAnOQ
Excessive memory allocation in graph URLs leads to denial of service in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02NDU2LXhqbTUtZzNwZ83mlQ
Cross-site scripting vulnerability exists in Jenkins and Stapler Plugin
Ecosystems: maven
Packages: org.kohsuke.stapler:stapler-parent, org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0yOHAzLW1jaHItOWZyas4AATf4
Deserialization of Untrusted Data in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02amZjLW1jOTctYzd3Z84AAhUt
Missing Authorization in Jenkins
Ecosystems: maven
Packages: org.kohsuke.stapler:stapler-parent, org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1qcHZxLXY3MjktN2oyaM4AAlk6
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05Z3JqLWo0M20tbWpxcs4AAs7n
Observable timing discrepancy allows determining username validity in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mZmdnLXZwaGgtdjI3M84AARc6
Incomplete List of Disallowed Inputs in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS12MjIyLXcybXcteGpjNs4AARcp
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0ydzR4LXJ4cDctZ3JnN83mjg
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0zcHI4LXJmNjItZzg5M84AATfw
Path Traversal in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02NjdxLXZqNTgtcmo4OM4AATf_
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wZ3h2LWg5NjctZncycc3mkA
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1nOHBnLXFydm0td2doMs4AAkDM
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0zMjk3LTk0NHgtajd4N835TA
Incorrect Authorization in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05OGdxLTZoeGctNTJyNs4AAnOI
XSS vulnerability in Jenkins notification bar
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13djYzLWd3cjktNWM1Nc4AAnOM
Stored XSS vulnerability in Jenkins button labels
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1nN2NmLXdnMjctcXc4N84AAYy2
Jenkins secure flag not set on session cookies
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS03ZjZ3LWZobXItajhocc4AAYy3
Jenkins HttpOnly flag not Set for session cookies
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1yeGZ2LWdtNXgtOXdxas4AAdTk
Jenkin allows attackers to obtain passwords by reading the HTML source code
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05dmc5LXgzOGctOWhmeM4AAdTh
Jenkins allows attackers to determine whether a user exists
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1meGo4LWNxY3AtM3Zncc4AAdTf
Jenkins cross-site scripting (XSS) vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS04amZ4LWg2cTItdjRnM84AAdTg
Jenkins session fixation vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS12ajZxLXYyaDctNnE1bc4AAZqz
Jenkins cross-site scripting (XSS) vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS03ZnBnLXBwM20taDIyZs4AAdTl
Jenkins allows attackers to execute arbitrary jobs
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1oNWp2LWhnNjgtbWpoZ84AAdTm
Jenkins allows attackers to configure restricted projects
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS14M3AzLTkyOWotcHE2Ns4AAdTU
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mcTlmLTl3djktcmZtZ84AATfk
Improper Certificate Validation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1yOXEyLTNyNngtcW1ncM4AARcs
Inadequate Encryption Strength in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1yNjljLTVqN2Mtdm02cc3o9A
Cross-site Scripting in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS14Nmp3LTJmMjMtbWM1as3mkg
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1yZ21qLW1jY2otaDlteM3mbQ
Cross-Site Request Forgery in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1odzU1LWY4d2MtODJtNs4AAq6O
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jajZyLThweGotNWp2Ns4AAyCF
Incorrect Permission Preservation in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS03cjRoLTJoMjMtNmpxOc3z7g
Incorrect Authorization in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02OTY3LTl2dnYtNGNtbc4AARcj
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wd3Y2LTg3MmMtZ2NnNs4AARck
Cross-Site Request Forgery in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS03NTkyLTkzcm0tNmdweM3mbg
Injection in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1ycjZyLXA3cnctMzY5Y84AATfz
Session Fixation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02NG1jLTJtOXAtMjNjOM4AAdTR
Jenkins allows remote authenticated users to bypass intended restrictions and create or destroy arbitrary jobs
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1yNW0yLWc1Z2MtcTQzcs4AAdTe
Jenkins Denial of Service vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0zODU3LXhtMzgtam1xMs4AAXuy
Incorrect Authorization in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS04NTcyLTVqcmctbXg1Ms4AAXul
Exposure of Sensitive Information in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS14M3JjLWN4djctNnhwNs4AAX4Y
Cross-site Scripting in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS12NzU5LTNmaDktODRteM4AAZq3
Jenkins directory traversal vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mcmdyLWM1ZjItOHFoaM4AAyCc
Denial of service in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS13ajVjLWo2NTYtaDVmd84AARcr
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1tOTNoLTVxbXgtcHBoZ84AARcf
Improper Authentication in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13ZjlnLXJoNzYtNmp2cs4AARcd
Incorrect Permission Assignment for Critical Resource in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02NmNyLTZ3aHgtNzMycM4AAdTQ
Jenkins improperly ensures trust separation
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1odjQ1LTVqOWgtN2ZoZ84AATfx
Cross-site Scripting in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1ncHh2LTc3NnAtN2djN84AAjcM
Jenkins vulnerable to UDP amplification reflection attack
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00cHc1LXI1OGgtZnYyNM4AAqOh
Path traversal vulnerability on Windows in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05Y2p2LTkzZzctYzZtds4AASlC
Loop with Unreachable Exit Condition in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13bXI4LTI1ZmYtZ2dwas3mkQ
Incorrect Authorization in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS01aGZwLTk2NHctNXZnbc4AATfj
Improper Limitation of a Pathname to a Restricted Directory in Jenkins
Ecosystems: maven
Packages: org.kohsuke.stapler:stapler-parent, org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0ycHA5LXI0cnYtNnA2as4AATgt
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Statistics
Advisories: 18,311
Packages: 8,276
Repositories: 4
Ecosystems: 12
Filter by Severity
Moderate 7,904 High 6,338 Critical 2,801 Low 981
Filter by Ecosystem
maven 5,520 packagist 3,783 pypi 3,698 npm 3,535 go 1,889 nuget 1,390 rubygems 814 cargo 775 swift 31 hex 29 actions 16 pub 8
Filter by Package
org.jenkins-ci.main:jenkins-core 189 org.apache.tomcat:tomcat 134 com.fasterxml.jackson.core:jackson-databind 69 org.apache.struts:struts2-core 55 org.keycloak:keycloak-core 47 com.liferay.portal:release.portal.bom 45 org.apache.tomcat.embed:tomcat-embed-core 37 com.jfinal:jfinal 36 com.thoughtworks.xstream:xstream 36 net.mingsoft:ms-mcms 35 org.xwiki.platform:xwiki-platform-oldcore 34 org.elasticsearch:elasticsearch 32 org.jenkins-ci.plugins:script-security 30 io.undertow:undertow-core 27 org.keycloak:keycloak-services 27 org.apache.solr:solr-core 25 org.keycloak:keycloak-parent 25 org.springframework.security:spring-security-core 23 org.eclipse.jetty:jetty-server 23 org.apache.nifi:nifi 22 org.apache.openmeetings:openmeetings-parent 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 org.springframework:spring-core 19 org.bouncycastle:bcprov-jdk14 18 com.vaadin:vaadin-bom 18 com.liferay.portal:release.dxp.bom 18 org.xwiki.platform:xwiki-platform-web-templates 17 org.apache.geode:geode-core 17 org.apache.activemq:activemq-client 16 org.apache.dubbo:dubbo 16 org.bouncycastle:bcprov-jdk15 16 org.apache.struts.xwork:xwork-core 15 org.apache.jspwiki:jspwiki-main 15 org.xwiki.platform:xwiki-platform-web 14 org.apache.hadoop:hadoop-main 13 org.apache.inlong:manager-pojo 13 org.apache.cxf:cxf 13 com.vaadin:flow-server 12 org.apache.dolphinscheduler:dolphinscheduler 12 org.jenkins-ci.plugins:git 12 org.jenkins-ci.plugins.workflow:workflow-cps 12 org.apache.tika:tika-core 11 com.xuxueli:xxl-job 11 org.apache.jspwiki:jspwiki-war 11 org.apache.commons:commons-compress 11 org.jeecgframework.boot:jeecg-boot-common 11 org.apache.camel:camel-core 11 org.igniterealtime.openfire:parent 11 org.jenkins-ci.plugins:email-ext 11 org.mortbay.jetty:jetty 11 org.apache.james:james-server 11 org.apache.hadoop:hadoop-common 11 org.apache.cxf:cxf-core 11 org.apache.ranger:ranger 11 org.jeecgframework.boot:jeecg-boot-parent 11 org.apache.tomcat:tomcat-coyote 11 org.jboss.netty:netty 10 io.netty:netty 10 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 10 org.xwiki.platform:xwiki-platform-administration-ui 10 org.apache.inlong:manager-service 10 org.apache.archiva:archiva 9 org.apache.tapestry:tapestry-core 9 org.craftercms:crafter-studio 9 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 9 org.opennms:opennms 9 org.springframework:spring-web 9 org.apache.xmlgraphics:batik 9 jquery 9 jquery-rails 9 org.jenkins-ci.plugins:active-directory 9 org.opencrx:opencrx-core-models 9 org.bouncycastle:bcprov-jdk15on 9 org.apache.shiro:shiro-core 9 io.jenkins:configuration-as-code 9 org.jenkins-ci.plugins:config-file-provider 9 org.apache.tomcat:tomcat-catalina 9 org.jenkins-ci.plugins:electricflow 9 org.webjars.npm:jquery 9 org.apache.hive:hive 9 org.springframework:spring-webmvc 9 cn.hutool:hutool-core 9 io.jenkins.blueocean:blueocean 8 jQuery 8 org.apache.santuario:xmlsec 8 org.apache.hive:hive-exec 8 org.apache.zeppelin:zeppelin 8 com.hazelcast:hazelcast 8 org.postgresql:postgresql 8 mysql:mysql-connector-java 8 org.yaml:snakeyaml 8 org.apache.pdfbox:pdfbox 8 org.apache.kylin:kylin 8 org.apache.ozone:ozone-main 8 org.jenkins-ci.plugins:ec2 8 org.opencms:opencms-core 8 org.graylog2:graylog2-server 8 org.apache.ambari:ambari 8 org.jenkins-ci.plugins:artifactory 7 jquery-ui 7 jquery-ui-rails 7 org.webjars.npm:jquery-ui 7 org.apache.tika:tika 7 jQuery.UI.Combined 7 org.jenkins-ci.plugins:mercurial 7 io.jenkins.plugins:miniorange-saml-sp 7 io.jenkins.plugins:cavisson-ns-nd-integration 7 org.owasp.antisamy:antisamy 7 net.opentsdb:opentsdb 7 org.jenkins-ci.plugins:openshift-deployer 7 io.dataease:dataease-plugin-common 7 io.jenkins.plugins:warnings-ng 7 org.jenkins-ci.plugins:rundeck 7 org.apache.hive:hive-service 7 org.apache.atlas:atlas-common 7 org.apache.linkis:linkis 7 org.apache.spark:spark-core_2.11 7 rubygems-update 7 org.jruby:jruby-stdlib 7 io.atomix:atomix 7 org.apache.inlong:manager-web 7 org.apache.activemq:activemq-parent 7 org.jboss.resteasy:resteasy-client 7 org.jenkins-ci.plugins:jobConfigHistory 7 org.owasp.esapi:esapi 7 org.jenkins-ci.plugins:subversion 7 org.apache.cxf:apache-cxf 7 org.jeecgframework.boot:jeecg-boot-base 7 org.apache.karaf:apache-karaf 7 org.apache.derby:derby 7 org.apache.logging.log4j:log4j-core 7 org.silverpeas.core:silverpeas-core-web 7 org.apache.poi:poi 7 commons-fileupload:commons-fileupload 6 org.csanchez.jenkins.plugins:kubernetes 6 de.tum.in.ase:artemis-java-test-sandbox 6 org.apache.pulsar:pulsar-broker 6 io.netty:netty-handler 6 org.apache.solr:solr-parent 6 org.apache.mesos:mesos 6 org.jenkins-ci.plugins:azure-vm-agents 6 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 6 org.apache.httpcomponents:httpclient 6 org.jenkins-ci.plugins:gitlab-oauth 6 tech.powerjob:powerjob 6 org.opensearch.plugin:opensearch-security 6 io.netty:netty-codec-http 6 cn.hutool:hutool-json 6 com.xebialabs.deployit.ci:deployit-plugin 6 org.jenkins-ci.plugins:ec2-deployment-dashboard 6 org.jenkins-ci.plugins:fortify-on-demand-uploader 6 org.apache.storm:storm-core 6 org.apache.spark:spark-core_2.10 6 org.jenkins-ci.plugins:repository-connector 6 org.jenkins-ci.plugins:pipeline-maven 6 com.jflyfox:jflyfox_jfinal 6 org.opencastproject:opencast-kernel 6 org.apache.struts:struts2-rest-plugin 6 org.xwiki.commons:xwiki-commons-xml 6 axis:axis 6 org.apache.axis:axis 6 org.apache.shenyu:shenyu-common 6 org.apache.syncope:syncope-core 6 hudson.plugins:project-inheritance 6 org.jenkins-ci.plugins:matrix-project 5 org.apache.cassandra:cassandra-all 5 org.jenkins-ci.plugins:delphix 5 org.apache.kylin:kylin-server-base 5 org.jenkins-ci.plugins:junit 5 org.jenkins-ci.plugins:support-core 5 com.mabl.integration.jenkins:mabl-integration 5 org.apache.ignite:ignite-core 5 org.apache.zookeeper:zookeeper 5 info.magnolia:magnolia-core 5 org.jenkins-ci.plugins:codedx 5 org.jenkins-ci.plugins:google-compute-engine 5 org.infinispan:infinispan-core 5 com.nimbusds:nimbus-jose-jwt 5 org.dspace:dspace-jspui 5 org.wildfly:wildfly-parent 5 org.codehaus.jettison:jettison 5 org.apache.druid:druid 5 org.jenkins-ci.plugins:ghprb 5 org.apache.zeppelin:zeppelin-server 5 com.google.protobuf:protobuf-java 5 com.ruoyi:ruoyi 5 org.jeecgframework.boot:jeecg-boot-base-core 5 org.neo4j.procedure:apoc 5 org.jboss.resteasy:resteasy-bom 5 org.apache.hadoop:hadoop-client 5 org.apache.inlong:manager-dao 5 org.jenkins-ci.plugins:fortify 5 org.jenkins-ci.plugins:credentials 5 org.jenkins-ci.plugins:websphere-deployer 5 org.xwiki.platform:xwiki-platform-appwithinminutes-ui 5 org.zenframework.z8.dependencies.commons:log4j-1.2.17 5 log4j:log4j 5 org.opennms:opennms-webapp 5 org.jenkins-ci.plugins:google-login 5 com.datapipe.jenkins.plugins:hashicorp-vault-plugin 5
Filter by Repository
https://github.com/jenkinsci/jenkins 147 https://github.com/CVEProject/cvelist 7 https://github.com/jenkinsci/stapler 1