Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
maven org.jenkins-ci.main:jenkins-core Security Advisories
Browse all Security Advisories for maven org.jenkins-ci.main:jenkins-core
Loading...
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS1wajk1LXBoNHEtNHFtNM4AA_6u
Jenkins exposes multi-line secrets through error messagesEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS1mOXFqLTc3cTItaDVjNc4AA_6r
Jenkins item creation restriction bypass vulnerabilityEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS04cHY5LXFoOTYtOWhjNs4AA-cv
Jenkins does not perform a permission check in an HTTP endpointEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core, org.jenkins-ci.main:remoting
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS1oODU2LWZmdnYteHZyNM4AA-cu
Jenkins Remoting library arbitrary file read vulnerabilityEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core, org.jenkins-ci.main:remoting
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS02ZjlnLWN4d3ItcTVqcs4AA4qu
Arbitrary file read vulnerability through the Jenkins CLI can lead to RCEEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS01M3BoLTJyMngtdnF3OM4AA4qv
Cross-site WebSocket hijacking vulnerability in the Jenkins CLIEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS01ajQ2LTVod3EtZ3doN84AA1-J
Jenkins Cross-site Scripting vulnerabilityEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS01NXdwLTNwcTQtdzhwOc4AA1-L
Jenkins temporary plugin file created with insecure permissionsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1ocTg3LWg0amctdnhmd84AA1-C
Jenkins temporary uploaded file created with insecure permissionsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1xdjY0LXc5OWMtcWNyOc4AA1-K
Jenkins temporary uploaded file created with insecure permissionsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS0yNzlmLXF3Z2gtaDVtcM4AA1-D
Jenkins does not exclude sensitive build variables from searchEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS02OXZ3LTNwY20tODRyd84AA05m
Jenkins Stored Cross-site Scripting vulnerabilityEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS05OGZwLXIyMmctd3BqN84AAz2W
Jenkins CSRF protection bypass vulnerabilityEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1ycmdwLWMydzgtNnZnNs4AAyCG
Information disclosure through error stack traces related to agentsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1jajZyLThweGotNWp2Ns4AAyCF
Incorrect Permission Preservation in Jenkins CoreEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1oZjloLXZ2NG0tMmYzM84AAyCn
Incorrect Authorization in Jenkins CoreEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1oNzZwLW1jNjgtanYzcM4AAyCk
Denial of service in Jenkins CoreEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS01ODRtLTdyNG0tOGo2ds4AAyCI
Incorrect Authorization in Jenkins CoreEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qNjY0LXFoaDQtaHBmOM4AAyCa
Cross-site Scripting vulnerability in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1mcmdyLWM1ZjItOHFoaM4AAyCc
Denial of service in Jenkins CoreEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS14cHZwLWg3M2MtbTlycc4AAu-W
Jenkins vulnerable to stored cross site scripting in the I:helpIcon componentEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1wM3JjLTk0NmgtOGNmNc4AAs8u
Unauthorized view fragment access in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS02ZzRyLXE3cWctNnF4Ns4AAs8p
Cross-site Scripting vulnerability in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS05Z3JqLWo0M20tbWpxcs4AAs7n
Observable timing discrepancy allows determining username validity in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS02MndmLTI0YzQtOHI3Ns4AAs8i
Cross-site Scripting vulnerability in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1taHA3LTMzOTMtcGZxcs4AAs8g
Cross-site Scripting vulnerability in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS03Zjg0LXA2cjUtanI2cc4AAs8h
Cross-site Scripting vulnerability in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1odzU1LWY4d2MtODJtNs4AAq6O
Improper Neutralization of Input During Web Page Generation in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS05cWdmLTRmcGYtY21oMs4AAq6N
Improper Neutralization of Input During Web Page Generation in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1xNnE5LTgzeHctbXA2cM4AAq6J
Improper Neutralization of Input During Web Page Generation in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS03Y2pjLXhwcHIteGo2eM4AAq6P
Improper Neutralization of Input During Web Page Generation in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1oZzZnLWpqN2cteDZ2Ms4AAq6R
Improper Neutralization of Input During Web Page Generation in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS00N3djLXA1Y3Atdzdwd84AAq6Q
Exposure of Sensitive Information to an Unauthorized Actor in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS00ZzM4LWhybTQtcmc5NM4AAqkP
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS04eGc0LXhxMnYtdjZqN84AAqkL
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS05N2MzLXc5Y3ItNnFjMs4AAqkN
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1tOWhyLTI1OWYtMnYyM84AAqj9
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS05Mjl3LXE0MzMtNGg5eM4AAqj-
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS0yYzc5LWgyaDUtZzNmd84AAqj1
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS01OHhtLW14amYtMjU0Z84AAqkM
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1wZ2o2LWptajUtd3FmeM4AAqj8
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1qM2NxLWg2dmgtZ3g3Zs4AAqj5
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS0zcTg0LXZydngtcmZ2Zs4AAqkF
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1jdjJ3LXE4YzMteGp2N84AAqj6
Agent-to-controller access control allows reading/writing most content of build directories in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1jdnZtLTRjcjktcjQzNs4AAqkD
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1jNXI5LXJ4NTMtcTNnZs4AAqkB
Agent-to-controller access control allowed writing to sensitive directory used by Jenkins Pipeline: Shared Groovy Libraries PluginEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS00cHc1LXI1OGgtZnYyNM4AAqOh
Path traversal vulnerability on Windows in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS02cTRnLTg0ZjMtbXc3NM4AAqOq
Improper handling of equivalent directory names on Windows in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1xNHdwLThjOTktNjlwd84AAo_d
Improper permission checks allow canceling queue items and aborting builds in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS00d3I5LTJ4YzYtam1nNc4AAo_q
Session fixation vulnerability in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS13Mmh2LXJjcXItMmg3cs4AAoE2
View name validation bypass in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1wdnd4LTNqeDUtMjRyMs4AAoE-
Lack of type validation in agent related REST API in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1xeHA2LTI3Z3ctOTljas4AAnWa
Time-of-check Time-of-use (TOCTOU) Race Condition in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1tajdxLWNtZjMtbWc3aM4AAnOV
Stored XSS vulnerability in Jenkins on new item pageEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS03cWYzLWMycTgtNjltM84AAnOa
Reflected XSS vulnerability in Jenkins markup formatter previewEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1jeHF3LXZqY3ItZ3A1Z84AAnOQ
Excessive memory allocation in graph URLs leads to denial of service in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1weGdxLWdxcjktNWd3eM4AAnOR
Path traversal vulnerability in Jenkins agent namesEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS12cGptLTU4Y3ctcjhxNc4AAnOi
Arbitrary file read vulnerability in workspace browsers in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS05OGdxLTZoeGctNTJyNs4AAnOI
XSS vulnerability in Jenkins notification barEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS13djYzLWd3cjktNWM1Nc4AAnOM
Stored XSS vulnerability in Jenkins button labelsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS00NjI1LXE1MnctMzljeM4AAnOJ
Missing permission check for paths with specific prefix in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1mNTg1LTlmdzMtcmoybc4AAnOk
Arbitrary file existence check in file fingerprints in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1xdjZmLXJjdjYtNnEzeM4AAnOP
Improper handling of REST API XML deserialization errors in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1odm1jLTdnMngtcjNwOc4AAllE
Jenkins Cross-Site Scripting vulnerability in help iconsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1qcHZxLXY3MjktN2oyaM4AAlk6
Improper Neutralization of Input During Web Page Generation in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS05ZzRtLWZmeDYtYzI5Z84AAllI
Jenkins Cross-site Scripting vulnerability in project naming strategyEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS04NjR2LTVxMmctZnI2NM4AAlYf
Stored XSS vulnerability in Jenkins 'keep forever' badge iconEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1nNGo2LW0zbTMtY3J3OM4AAlYJ
Stored XSS vulnerability in Jenkins upstream causeEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1nZmhqLTUyNHEtZ2Nybc4AAlYZ
Stored XSS vulnerability in Jenkins console linksEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1xZ2o0LXJjOG0tNDRtcc4AAlYS
Stored XSS vulnerability in Jenkins job build time trendEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1jcmcyLTZ4djMtcWc1Zs4AAkC-
Improper Neutralization of Input During Web Page Generation in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1jNzM1LWc5ZjItMm12cM4AAkDI
Cross-Site Request Forgery in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1nOHBnLXFydm0td2doMs4AAkDM
Improper Neutralization of Input During Web Page Generation in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS0yeGNtLWg3dnYtZzhtOc4AAkDZ
Improper Neutralization of Input During Web Page Generation in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS03eHA4LTd3cXgtNWhxeM4AAjcV
Jenkins REST APIs vulnerable to clickjackingEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1ncHh2LTc3NnAtN2djN84AAjcM
Jenkins vulnerable to UDP amplification reflection attackEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1majZmLTY5MzMtODM5as4AAjcN
Non-constant time HMAC comparisonEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1yNzhxLXFneDYtNjRwcM4AAjcT
Memory usage graphs accessible to anyone with Overall/ReadEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1xcDRmLTJ3NjctYzhod84AAjcR
Inbound TCP Agent Protocol/3 authentication bypass in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS13N2pyLXdxdzYtNTR4Y84AAjcJ
Non-constant time comparison of inbound TCP agent connection secretEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS00ampqLWNtN3EtdjZocs4AAjcO
Jenkins Diagnostic page exposed session cookiesEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1xajI3LXc5MmgtZmM5cs4AAjQo
XML external entity (XXE) vulnerability in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1xZzd4LTRoNHEtM200Oc4AAjQr
XML external entity (XXE) vulnerability in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS05bTQ4LTU0cGotaDI0OM4AAh6P
Improper Neutralization of Input During Web Page Generation in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS12Y3I4LWg4cXAtcWo4aM4AAh6e
Cross-Site Request Forgery in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1xcjQyLTgycWotbXc2Nc4AAhUj
Improper Limitation of a Pathname to a Restricted Directory in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1oY3hmLXJxNzItaDRycs4AAhUU
Cross-Site Request Forgery in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.kohsuke.stapler:stapler-parent, org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS02amZjLW1jOTctYzd3Z84AAhUt
Missing Authorization in JenkinsEcosystems: maven
Packages: org.kohsuke.stapler:stapler-parent, org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1oNWp2LWhnNjgtbWpoZ84AAdTm
Jenkins allows attackers to configure restricted projectsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS03ZnBnLXBwM20taDIyZs4AAdTl
Jenkins allows attackers to execute arbitrary jobsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS12eGM2LXd2aDgtZnB4d84AAdTi
Jenkins does not invalidate the API token when a user is deletedEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1yeGZ2LWdtNXgtOXdxas4AAdTk
Jenkin allows attackers to obtain passwords by reading the HTML source codeEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS05dmc5LXgzOGctOWhmeM4AAdTh
Jenkins allows attackers to determine whether a user existsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1meGo4LWNxY3AtM3Zncc4AAdTf
Jenkins cross-site scripting (XSS) vulnerabilityEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1wdjg4LWo2cmctcjU2cM4AAdTd
Jenkins allows attackers to obtain sensitive informationEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1yNW0yLWc1Z2MtcTQzcs4AAdTe
Jenkins Denial of Service vulnerabilityEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS04amZ4LWg2cTItdjRnM84AAdTg
Jenkins session fixation vulnerabilityEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS14M3AzLTkyOWotcHE2Ns4AAdTU
Improper Neutralization of Input During Web Page Generation in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS02NG1jLTJtOXAtMjNjOM4AAdTR
Jenkins allows remote authenticated users to bypass intended restrictions and create or destroy arbitrary jobsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1meHFyLXB4Mm0tZnZjMs4AAdTV
Jenkins Exposure of Sensitive Information to an Unauthorized Actor vulnerabilityEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Statistics
Advisories: 20,668
Packages: 9,040
Repositories: 4
Ecosystems: 12
Packages: 9,040
Repositories: 4
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
org.jenkins-ci.main:jenkins-core
193
org.apache.tomcat:tomcat
132
com.fasterxml.jackson.core:jackson-databind
69
org.apache.struts:struts2-core
55
org.keycloak:keycloak-core
51
com.liferay.portal:release.portal.bom
46
org.apache.tomcat.embed:tomcat-embed-core
38
com.thoughtworks.xstream:xstream
37
org.xwiki.platform:xwiki-platform-oldcore
37
org.keycloak:keycloak-services
36
org.elasticsearch:elasticsearch
36
com.jfinal:jfinal
36
net.mingsoft:ms-mcms
35
io.undertow:undertow-core
34
org.jenkins-ci.plugins:script-security
33
org.keycloak:keycloak-parent
25
org.apache.solr:solr-core
25
org.springframework.security:spring-security-core
24
org.eclipse.jetty:jetty-server
24
org.bouncycastle:bcprov-jdk14
22
org.apache.nifi:nifi
21
org.apache.openmeetings:openmeetings-parent
21
org.cloudfoundry.identity:cloudfoundry-identity-server
20
org.springframework:spring-core
19
org.xwiki.platform:xwiki-platform-web-templates
19
com.vaadin:vaadin-bom
18
com.liferay.portal:release.dxp.bom
18
org.apache.geode:geode-core
17
org.apache.dubbo:dubbo
16
org.apache.activemq:activemq-client
16
org.bouncycastle:bcprov-jdk15
16
org.apache.jspwiki:jspwiki-main
16
org.apache.struts.xwork:xwork-core
15
org.apache.tomcat:tomcat-coyote
14
org.xwiki.platform:xwiki-platform-web
14
org.apache.inlong:manager-pojo
14
org.jenkins-ci.plugins.workflow:workflow-cps
13
org.apache.cxf:cxf
13
org.apache.hadoop:hadoop-main
13
org.bouncycastle:bcprov-jdk15on
12
org.jenkins-ci.plugins:git
12
org.apache.dolphinscheduler:dolphinscheduler
12
org.jeecgframework.boot:jeecg-boot-parent
12
com.vaadin:flow-server
12
org.apache.hadoop:hadoop-common
12
org.igniterealtime.openfire:parent
11
org.apache.james:james-server
11
org.apache.ranger:ranger
11
org.apache.camel:camel-core
11
org.apache.commons:commons-compress
11
org.springframework:spring-webmvc
11
com.xuxueli:xxl-job
11
org.apache.cxf:cxf-core
11
org.mortbay.jetty:jetty
11
org.jeecgframework.boot:jeecg-boot-common
11
org.apache.jspwiki:jspwiki-war
11
org.apache.tika:tika-core
11
org.jenkins-ci.plugins:email-ext
11
org.xwiki.platform:xwiki-platform-administration-ui
10
org.apache.tomcat:tomcat-catalina
10
org.jenkins-ci.plugins.workflow:workflow-cps-global-lib
10
org.apache.inlong:manager-service
10
io.netty:netty
10
org.springframework:spring-web
10
org.jboss.netty:netty
10
org.apache.tapestry:tapestry-core
9
org.apache.linkis:linkis
9
org.jenkins-ci.plugins:electricflow
9
org.opencms:opencms-core
9
bootstrap
9
org.apache.shiro:shiro-core
9
org.jenkins-ci.plugins:config-file-provider
9
cn.hutool:hutool-core
9
com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer
9
io.jenkins:configuration-as-code
9
org.bouncycastle:bcprov-jdk15to18
9
org.opencrx:opencrx-core-models
9
org.opennms:opennms
9
org.craftercms:crafter-studio
9
org.webjars:bootstrap
9
bootstrap
9
bootstrap
9
org.apache.hive:hive
9
org.jenkins-ci.plugins:active-directory
9
org.apache.kylin:kylin
9
twbs/bootstrap
9
org.apache.xmlgraphics:batik
9
org.apache.archiva:archiva
9
io.jenkins.blueocean:blueocean
8
org.webjars.npm:jquery
8
org.yaml:snakeyaml
8
org.postgresql:postgresql
8
jquery
8
org.apache.ozone:ozone-main
8
pyspark
8
org.graylog2:graylog2-server
8
org.apache.pdfbox:pdfbox
8
org.apache.santuario:xmlsec
8
org.apache.zeppelin:zeppelin
8
com.hazelcast:hazelcast
8
jquery-rails
8
org.jenkins-ci.plugins:ec2
8
org.apache.ambari:ambari
8
mysql:mysql-connector-java
8
org.apache.hive:hive-exec
8
org.apache.activemq:activemq-parent
7
io.jenkins.plugins:warnings-ng
7
org.apache.spark:spark-core_2.11
7
org.apache.inlong:manager-web
7
org.owasp.antisamy:antisamy
7
org.jenkins-ci.plugins:oic-auth
7
org.jenkins-ci.plugins:openshift-deployer
7
io.dataease:dataease-plugin-common
7
org.apache.cxf:apache-cxf
7
org.apache.karaf:apache-karaf
7
org.owasp.esapi:esapi
7
jQuery.UI.Combined
7
org.webjars.npm:jquery-ui
7
jquery-ui-rails
7
jquery-ui
7
org.jenkins-ci.plugins:artifactory
7
io.atomix:atomix
7
bootstrap.sass
7
org.jenkins-ci.plugins:rundeck
7
bootstrap-sass
7
org.jenkins-ci.plugins:jobConfigHistory
7
org.apache.logging.log4j:log4j-core
7
io.jenkins.plugins:cavisson-ns-nd-integration
7
org.apache.poi:poi
7
org.apache.derby:derby
7
org.jeecgframework.boot:jeecg-boot-base
7
io.jenkins.plugins:miniorange-saml-sp
7
jQuery
7
rubygems-update
7
org.jruby:jruby-stdlib
7
org.silverpeas.core:silverpeas-core-web
7
org.apache.hive:hive-service
7
org.apache.atlas:atlas-common
7
org.jenkins-ci.plugins:subversion
7
org.jboss.resteasy:resteasy-client
7
org.apache.tika:tika
7
org.jenkins-ci.plugins:mercurial
7
net.opentsdb:opentsdb
7
org.opencastproject:opencast-kernel
6
org.csanchez.jenkins.plugins:kubernetes
6
org.jenkins-ci.plugins:ec2-deployment-dashboard
6
com.jflyfox:jflyfox_jfinal
6
org.xwiki.commons:xwiki-commons-xml
6
org.opensearch.plugin:opensearch-security
6
org.apache.druid:druid
6
org.apache.syncope:syncope-core
6
org.apache.spark:spark-core_2.10
6
tech.powerjob:powerjob
6
com.google.protobuf:protobuf-java
6
org.jenkins-ci.plugins:repository-connector
6
commons-fileupload:commons-fileupload
6
org.jenkins-ci.plugins:fortify-on-demand-uploader
6
org.apache.shenyu:shenyu-common
6
org.apache.struts:struts2-rest-plugin
6
org.jenkins-ci.plugins:azure-vm-agents
6
de.tum.in.ase:artemis-java-test-sandbox
6
org.jenkins-ci.plugins:pipeline-maven
6
com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger
6
org.apache.axis:axis
6
axis:axis
6
org.apache.solr:solr-parent
6
org.apache.pulsar:pulsar-broker
6
org.apache.httpcomponents:httpclient
6
org.jenkins-ci.plugins:gitlab-oauth
6
org.apache.storm:storm-core
6
hudson.plugins:project-inheritance
6
org.bouncycastle:bcprov-jdk18on
6
io.netty:netty-codec-http
6
org.apache.mesos:mesos
6
cn.hutool:hutool-json
6
io.netty:netty-handler
6
org.infinispan:infinispan-core
6
com.xebialabs.deployit.ci:deployit-plugin
6
org.jenkins-ci.plugins:azure-ad
5
io.jenkins.plugins:neuvector-vulnerability-scanner
5
org.jenkinsci.plugins:octoperf
5
bootstrap-sass
5
com.nimbusds:nimbus-jose-jwt
5
org.springframework.security.oauth:spring-security-oauth2
5
io.vertx:vertx-core
5
org.jenkins-ci.plugins:openid
5
org.apache.kylin:kylin-server-base
5
org.jenkins-ci.plugins:sinatra-chef-builder
5
com.coravy.hudson.plugins.github:github
5
org.jenkins-ci.plugins:gitlab-plugin
5
org.geoserver:gs-wms
5
org.jenkins-ci.plugins:junit
5
org.apache.cassandra:cassandra-all
5
edu.stanford.nlp:stanford-corenlp
5
org.jenkins-ci.plugins:scriptler
5
xerces:xercesImpl
5
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
5
log4j:log4j
5
org.zenframework.z8.dependencies.commons:log4j-1.2.17
5
com.vaadin:vaadin-server
5