Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven org.jenkins-ci.main:jenkins-core Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS1majZmLTY5MzMtODM5as4AAjcN
Non-constant time HMAC comparison
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1wZ2o2LWptajUtd3FmeM4AAqj8
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS0yYzc5LWgyaDUtZzNmd84AAqj1
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1tOWhyLTI1OWYtMnYyM84AAqj9
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS0zcTg0LXZydngtcmZ2Zs4AAqkF
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1jdnZtLTRjcjktcjQzNs4AAqkD
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS1tajdxLWNtZjMtbWc3aM4AAnOV
Stored XSS vulnerability in Jenkins on new item page
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS1xdjZmLXJjdjYtNnEzeM4AAnOP
Improper handling of REST API XML deserialization errors in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS00d3I5LTJ4YzYtam1nNc4AAo_q
Session fixation vulnerability in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS02MndmLTI0YzQtOHI3Ns4AAs8i
Cross-site Scripting vulnerability in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: 12 months ago
Moderate
GSA_kwCzR0hTQS05Z3JqLWo0M20tbWpxcs4AAs7n
Observable timing discrepancy allows determining username validity in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: 12 months ago
Moderate
GSA_kwCzR0hTQS1xeHA2LTI3Z3ctOTljas4AAnWa
Time-of-check Time-of-use (TOCTOU) Race Condition in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1mNTg1LTlmdzMtcmoybc4AAnOk
Arbitrary file existence check in file fingerprints in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Low
GSA_kwCzR0hTQS00NjI1LXE1MnctMzljeM4AAnOJ
Missing permission check for paths with specific prefix in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS00ampqLWNtN3EtdjZocs4AAjcO
Jenkins Diagnostic page exposed session cookies
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS0zMjk3LTk0NHgtajd4N835TA
Incorrect Authorization in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS05amN2LXY0anAtdzNjcc4AATfy
Cross-site Scripting in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS04NTcyLTVqcmctbXg1Ms4AAXul
Exposure of Sensitive Information in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS0zODU3LXhtMzgtam1xMs4AAXuy
Incorrect Authorization in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1qZ3ByLXFydzItNmdwM84AAXvS
Exposure of Sensitive Information in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1qbXc3LXBoNnAtMzNjY84AAXvi
Exposure of Sensitive Information in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS14M3JjLWN4djctNnhwNs4AAX4Y
Cross-site Scripting in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1qM2NxLWg2dmgtZ3g3Zs4AAqj5
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS05Mjl3LXE0MzMtNGg5eM4AAqj-
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS12cGptLTU4Y3ctcjhxNc4AAnOi
Arbitrary file read vulnerability in workspace browsers in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS05ZzRtLWZmeDYtYzI5Z84AAllI
Jenkins Cross-site Scripting vulnerability in project naming strategy
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS1odm1jLTdnMngtcjNwOc4AAllE
Jenkins Cross-Site Scripting vulnerability in help icons
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS14M3AzLTkyOWotcHE2Ns4AAdTU
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS05OGdxLTZoeGctNTJyNs4AAnOI
XSS vulnerability in Jenkins notification bar
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1wOHg4LXA0NzMtbW1tds37rg
Missing Authorization in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS04NXdxLXBxaHAtaG1xNs4AAXaM
Cross-Site Request Forgery in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS1qNDcyLW1jcTItOTVwNs4AATfe
OS Command Injection in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Low
GSA_kwCzR0hTQS1oOGM1LWM5MmctanE2eM4AATfr
Improper Input Validation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS1mN2Y2LXhyd2MtOWM1N84AATff
Improper Input Validation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1yOXEyLTNyNngtcW1ncM4AARcs
Inadequate Encryption Strength in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS13ajVjLWo2NTYtaDVmd84AARcr
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Low
GSA_kwCzR0hTQS14NTVwLTY1MjYteG1tcM4AARct
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1tOTNoLTVxbXgtcHBoZ84AARcf
Improper Authentication in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS02OTY3LTl2dnYtNGNtbc4AARcj
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS00Mm02LTd4ZmYtOXY5bc4AARcE
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1qZmY1LTU1eGotNGpjcc4AARcm
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1wd3Y2LTg3MmMtZ2NnNs4AARck
Cross-Site Request Forgery in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS13ZjlnLXJoNzYtNmp2cs4AARcd
Incorrect Permission Assignment for Critical Resource in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS02bXY5LWhjeDUtN21oaM3mmQ
Server-Side Request Forgery in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS0ydzR4LXJ4cDctZ3JnN83mjg
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS14NjQ2LW03eDItZ2NwN83mbw
Path Traversal in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS03NTkyLTkzcm0tNmdweM3mbg
Injection in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1yZ21qLW1jY2otaDlteM3mbQ
Cross-Site Request Forgery in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1odjQ1LTVqOWgtN2ZoZ84AATfx
Cross-site Scripting in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS00aDQ3LWgzY3ItMjN3aM4AASkE
Improper Authorization in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1ycjZyLXA3cnctMzY5Y84AATfz
Session Fixation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS01M2pwLWdtd2MtandmNs4AATfu
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1oaHBtLTVjcDItaGc0eM3mcw
Deserialization of Untrusted Data in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1ocGg5LTl2Y3EtZjdncM4AATf0
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS00amhtLTVmN2ctNzVmcM4AASkQ
Improper Limitation of a Pathname to a Restricted Directory in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS05Y2p2LTkzZzctYzZtds4AASlC
Loop with Unreachable Exit Condition in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS0yNjMyLWgzMmotNnJnOc4AASyR
Missing Release of Resource after Effective Lifetime in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS01cDU5LXY1d20tNzd2NM3mlA
Improper Limitation of a Pathname to a Restricted Directory in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS0yOHAzLW1jaHItOWZyas4AATf4
Deserialization of Untrusted Data in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1xNGNxLXI3aGctcHhxcc4AATf1
Improper Authentication in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS13bXI4LTI1ZmYtZ2dwas3mkQ
Incorrect Authorization in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1wMjY1LXhyOTgtM3Ztcs3mbA
Incorrect Authorization in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1xcjQyLTgycWotbXc2Nc4AAhUj
Improper Limitation of a Pathname to a Restricted Directory in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS1oY3hmLXJxNzItaDRycs4AAhUU
Cross-Site Request Forgery in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS12Y3I4LWg4cXAtcWo4aM4AAh6e
Cross-Site Request Forgery in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1xNnE5LTgzeHctbXA2cM4AAq6J
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1odzU1LWY4d2MtODJtNs4AAq6O
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS0yeGNtLWg3dnYtZzhtOc4AAkDZ
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS1nNGo2LW0zbTMtY3J3OM4AAlYJ
Stored XSS vulnerability in Jenkins upstream cause
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS1nZmhqLTUyNHEtZ2Nybc4AAlYZ
Stored XSS vulnerability in Jenkins console links
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS13djYzLWd3cjktNWM1Nc4AAnOM
Stored XSS vulnerability in Jenkins button labels
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS00ZzM4LWhybTQtcmc5NM4AAqkP
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS04NjR2LTVxMmctZnI2NM4AAlYf
Stored XSS vulnerability in Jenkins 'keep forever' badge icon
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS1xZ2o0LXJjOG0tNDRtcc4AAlYS
Stored XSS vulnerability in Jenkins job build time trend
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS02cTRnLTg0ZjMtbXc3NM4AAqOq
Improper handling of equivalent directory names on Windows in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS00cHc1LXI1OGgtZnYyNM4AAqOh
Path traversal vulnerability on Windows in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1nNzh4LXhtdjgtMjN4cM4AATft
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1xcGc5LTgzZnYteDljaM3mcg
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS00N3djLXA1Y3Atdzdwd84AAq6Q
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS14cHZwLWg3M2MtbTlycc4AAu-W
Jenkins vulnerable to stored cross site scripting in the I:helpIcon component
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: 9 months ago
Critical
GSA_kwCzR0hTQS0yeDloLWgzYzQtd3FxaM4AATaP
Improper Neutralization of Special Elements used in an LDAP Query in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS02NmNyLTZ3aHgtNzMycM4AAdTQ
Jenkins improperly ensures trust separation
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1xNWY4LWZ4cngtcHc2Zs3iYg
Jenkins subject to Cross-site Scripting
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS00NDY2LThqbTQtNDQ4cM4AAXaQ
Deserialization of Untrusted Data in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS01cHB4LXJndzIteGcyM84AATfi
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS13cXY0LTlncjMtM3FnaM4AATfl
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1mZmdnLXZwaGgtdjI3M84AARc6
Incomplete List of Disallowed Inputs in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS01aGZwLTk2NHctNXZnbc4AATfj
Improper Limitation of a Pathname to a Restricted Directory in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS03NDJqLWpjZnItMjN3M83mkw
Insufficient Session Expiration in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1wZ3h2LWg5NjctZncycc3mkA
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS1qOHF2LW1qNHItNmZ3NM3mdQ
Improper Input Validation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS02amZjLW1jOTctYzd3Z84AAhUt
Missing Authorization in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1oZzZnLWpqN2cteDZ2Ms4AAq6R
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1nOHBnLXFydm0td2doMs4AAkDM
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS0yNndjLTN3cXAtZzNycM3mng
Deserialization of Untrusted Data in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS1yNTdmLTd4dzMtcTJyOc4AAXaG
Improper Authentication in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS05Mm1yLTR3MnEtNDU3OM4AAbHa
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS13ZmozLTUzNW0tcDZmeM4AATfc
Improper Input Validation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1oOTcyLWN3anYtMnYzOc4AATfs
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1mcTlmLTl3djktcmZtZ84AATfk
Improper Certificate Validation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Published: about 1 year ago
Filter by Package
org.jenkins-ci.main:jenkins-core 163 org.apache.tomcat:tomcat 78 com.fasterxml.jackson.core:jackson-databind 69 org.apache.struts:struts2-core 43 org.keycloak:keycloak-core 39 com.thoughtworks.xstream:xstream 37 org.apache.nifi:nifi 28 org.springframework:spring-core 27 io.undertow:undertow-core 26 com.liferay.portal:release.portal.bom 25 net.mingsoft:ms-mcms 25 org.elasticsearch:elasticsearch 23 org.xwiki.platform:xwiki-platform-oldcore 22 org.apache.tomcat.embed:tomcat-embed-core 22 org.jenkins-ci.plugins:script-security 21 org.apache.solr:solr-core 21 org.springframework.security:spring-security-core 21 org.eclipse.jetty:jetty-server 21 org.apache.openmeetings:openmeetings-parent 20 com.vaadin:vaadin-bom 19 org.keycloak:keycloak-parent 18 org.bouncycastle:bcprov-jdk14 17 org.apache.activemq:activemq-client 17 org.bouncycastle:bcprov-jdk15 16 org.apache.geode:geode-core 16 org.apache.jspwiki:jspwiki-main 15 org.apache.cxf:cxf 14 org.apache.dubbo:dubbo 14 org.apache.tika:tika-core 12 org.jenkins-ci.plugins.workflow:workflow-cps 11 org.jenkins-ci.plugins:git 11 org.apache.cxf:cxf-core 11 org.apache.hadoop:hadoop-common 11 org.apache.hadoop:hadoop-main 11 org.apache.jspwiki:jspwiki-war 11 org.apache.camel:camel-core 10 com.vaadin:flow-server 10 org.xwiki.platform:xwiki-platform-web 10 org.apache.ranger:ranger 10 org.xwiki.platform:xwiki-platform-web-templates 9 org.apache.xmlgraphics:batik 9 io.jenkins:configuration-as-code 9 org.apache.hive:hive 9 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 9 org.jenkins-ci.plugins:email-ext 8 org.apache.tapestry:tapestry-core 8 org.apache.poi:poi 8 org.apache.shiro:shiro-core 8 org.apache.tika:tika 8 org.yaml:snakeyaml 8 org.apache.commons:commons-compress 8 org.apache.karaf:apache-karaf 8 mysql:mysql-connector-java 8 org.jboss.resteasy:resteasy-client 8 org.apache.pdfbox:pdfbox 8 org.keycloak:keycloak-services 8 org.apache.hive:hive-exec 8 org.apache.kylin:kylin 8 org.apache.ozone:ozone-main 8 org.apache.zeppelin:zeppelin 7 com.xuxueli:xxl-job 7 org.apache.archiva:archiva 7 org.springframework:spring-webmvc 7 io.jenkins.plugins:cavisson-ns-nd-integration 7 org.opennms:opennms 7 org.jenkins-ci.plugins:subversion 7 org.igniterealtime.openfire:parent 7 org.apache.atlas:atlas-common 7 org.apache.santuario:xmlsec 7 org.craftercms:crafter-studio 7 org.jruby:jruby-stdlib 7 rubygems-update 7 io.jenkins.blueocean:blueocean 7 org.postgresql:postgresql 7 org.apache.logging.log4j:log4j-core 7 com.jflyfox:jflyfox_jfinal 7 org.apache.httpcomponents:httpclient 7 org.apache.druid:druid 7 org.apache.spark:spark-core_2.11 7 org.apache.cxf:apache-cxf 7 org.apache.james:james-server 7 org.jeecgframework.boot:jeecg-boot-base 7 io.atomix:atomix 7 org.apache.hive:hive-service 7 org.apache.syncope:syncope-core 6 org.jenkins-ci.plugins:ec2 6 org.xwiki.platform:xwiki-platform-administration-ui 6 org.jenkins-ci.plugins:active-directory 6 org.apache.solr:solr-parent 6 org.csanchez.jenkins.plugins:kubernetes 6 org.apache.dolphinscheduler:dolphinscheduler 6 org.apache.mesos:mesos 6 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 6 commons-jxpath:commons-jxpath 6 org.opencastproject:opencast-kernel 6 io.dataease:dataease-plugin-common 6 commons-fileupload:commons-fileupload 6 org.springframework.amqp:spring-amqp 6 org.apache.tomcat:tomcat-catalina 6 org.apache.spark:spark-core_2.10 6 net.opentsdb:opentsdb 6 org.owasp.antisamy:antisamy 6 org.opencms:opencms-core 6 io.jenkins.plugins:miniorange-saml-sp 6 org.jenkins-ci.plugins:pipeline-maven 5 org.apache.shenyu:shenyu-common 5 org.biouno:uno-choice 5 org.jenkinsci.plugins:octoperf 5 org.jenkins-ci.plugins:repository-connector 5 org.jenkins-ci.plugins:ghprb 5 org.jeecgframework.boot:jeecg-boot-common 5 com.datapipe.jenkins.plugins:hashicorp-vault-plugin 5 com.synopsys.jenkinsci:ownership 5 tech.powerjob:powerjob 5 org.jenkins-ci.plugins:extended-choice-parameter 5 org.xwiki.commons:xwiki-commons-xml 5 xerces:xercesImpl 5 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 5 org.craftercms:craftercms 5 io.vertx:vertx-web 5 com.fasterxml.woodstox:woodstox-core 5 org.jenkins-ci.plugins:openshift-deployer 5 org.neo4j.procedure:apoc 5 org.jenkins-ci.plugins:ec2-deployment-dashboard 5 org.dspace:dspace-jspui 5 org.apache.hadoop:hadoop-client 5 org.owasp.esapi:esapi 5 org.bouncycastle:bcprov-jdk15on 5 com.hazelcast:hazelcast 5 org.jenkins-ci.plugins:mercurial 5 io.netty:netty-handler 5 org.apache.cxf.fediz:fediz-spring2 5 org.jenkins-ci.plugins:mailer 5 info.magnolia:magnolia-core 5 org.jeecgframework.boot:jeecg-boot-base-core 5 io.netty:netty-codec-http 5 org.apache.storm:storm-core 5 org.apache.ignite:ignite-core 5 org.codehaus.jettison:jettison 5 com.alibaba:dubbo 5 org.jboss.resteasy:resteasy-bom 5 org.apache.activemq:activemq-parent 5 org.infinispan:infinispan-core 5 edu.stanford.nlp:stanford-corenlp 5 org.jenkins-ci.plugins:codedx 5 org.apache.kafka:kafka 5 log4j:log4j 5 org.apache.struts:struts2-rest-plugin 4 org.jenkins-ci.plugins:tfs 4 org.jenkins-ci.plugins:hp-application-automation-tools-plugin 4 com.google.protobuf:protobuf-java 4 org.jenkins-ci.plugins:config-file-provider 4 org.jenkins-ci.plugins:ssh 4 org.jenkins-ci.plugins:requests 4 org.jenkins-ci.plugins:p4 4 org.jenkins-ci.plugins:cons3rt 4 org.jenkins-ci.plugins:junit 4 com.xebialabs.deployit.ci:deployit-plugin 4 org.jenkins-ci.plugins:google-login 4 org.jenkins-ci.plugins:coverity 4 org.jenkins-ci.plugins:google-compute-engine 4 org.jenkins-ci.plugins:rapiddeploy-jenkins 4 org.jenkins-ci.plugins:ansible 4 com.elasticbox.jenkins-ci.plugins:kubernetes-ci 4 org.jenkins-ci.plugins:libvirt-slave 4 org.jenkins-ci.plugins:crx-content-package-deployer 4 org.jenkins-ci.plugins:build-publisher 4 org.jenkins-ci.plugins:gitlab-oauth 4 org.jenkins-ci.plugins:ci-with-toad-edge 4 com.surenpi.jenkins:phoenix-autotest 4 org.jenkins-ci.plugins:kubernetes-cd 4 org.jenkins-ci.plugins:publish-over-ssh 4 org.apache.cassandra:cassandra-all 4 com.alibaba.nacos:nacos-common 4 aws-iot-device-sdk-v2 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 com.h2database:h2 4 com.nimbusds:nimbus-jose-jwt 4 io.hawt:project 4 org.glassfish:javax.faces 4 struts:struts 4 com.compuware.jenkins:compuware-topaz-for-total-test 4 org.jenkins-ci.plugins:reportportal 4 org.jenkins-ci.plugins:katalon 4 org.jenkins-ci.plugins:rundeck 4 org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki 4 org.jenkins-ci.plugins:deployer-framework 4 net.bull.javamelody:javamelody-core 4 awsiotsdk 4 org.apache.derby:derby 4 org.opensaml:opensaml 4 com.convertigo.jenkins.plugins:convertigo-mobile-platform 4 org.apache.ws.security:wss4j 4 org.springframework.security.oauth:spring-security-oauth2 4 org.apache.kylin:kylin-server-base 4 org.apache.thrift:libthrift 4 org.jolokia:jolokia-core 4 org.wildfly.security:wildfly-elytron 4 org.jenkins-ci.plugins:matrix-project 4 org.jenkins-ci.plugins:jira-steps 4 org.mortbay.jetty:jetty 4 org.jvnet.hudson.plugins:storable-configs-plugin 4 org.xwiki.platform:xwiki-platform-attachment-ui 4 io.swagger:swagger-codegen 4 com.itextpdf:itext7-core 4 com.typesafe.play:play_2.12 4 hudson.plugins:project-inheritance 4 org.opencastproject:opencast-common 4 org.apache.cxf:cxf-rt-frontend-jaxrs 4 com.vaadin:vaadin-server 4 io.ratpack:ratpack-core 4 org.directwebremoting:dwr 4 org.opensearch.plugin:opensearch-security 4 org.xwiki.platform:xwiki-platform-flamingo-theme-ui 4 com.typesafe.play:play 4 org.jenkins-ci.plugins:wso2id-oauth 4 org.jenkins-ci.plugins:credentials 4 org.apache.ant:ant 4 org.apache.axis:axis 4 org.apache.qpid:qpid-broker 4 org.apache.olingo:odata-client-core 3 org.jenkins-ci.plugins:fortify-on-demand-uploader 3 org.apache.qpid:proton-j 3 io.vertx:vertx-core 3 com.orientechnologies:orientdb-studio 3 org.jenkins-ci.plugins:autocomplete-parameter 3 org.jenkins-ci.plugins:cloudbees-jenkins-advisor 3 io.apiman:apiman-manager-api-rest-impl 3 org.jenkins-ci.plugins:zephyr-for-jira-test-management 3 org.jenkins-ci.plugins:elastest 3 org.springframework.data:spring-data-commons 3 org.apache.spark:spark-core 3 org.restlet.jse:org.restlet 3 com.ctrip.framework.apollo:apollo 3 org.xwiki.platform:xwiki-platform-panels-ui 3 org.jenkins-ci.plugins:database 3 org.jenkins-ci.tools:git-parameter 3 io.jenkins.plugins:code-coverage-api 3 com.linecorp.armeria:armeria 3 org.jenkins-ci.plugins:liquibase-runner 3 com.google.protobuf:protobuf-javalite 3 org.springframework:spring-webflux 3 net.praqma:rqm-plugin 3 org.jenkins-ci.plugins:support-core 3 org.jenkins-ci.plugins:icescrum 3 org.eclipse.jetty:jetty-webapp 3 cn.hutool:hutool-json 3 org.jenkins-ci.plugins:promoted-builds 3 com.groupon.jenkins-ci.plugins:DotCi 3 com.xebialabs.ci:xlrelease-plugin 3 org.jenkins-ci.plugins:github-branch-source 3 org.jenkins-ci.plugins:vsphere-cloud 3 org.jenkins-ci.plugins:pipeline-input-step 3 com.moded.extendedchoiceparameter:dynamic_extended_choice_parameter 3 org.jenkins-ci.plugins:google-kubernetes-engine 3 org.jenkins-ci.plugins:anchore-container-scanner 3 org.jenkins-ci.plugins:jira 3 org.jenkins-ci.plugins:dynatrace-dashboard 3 de.tum.in.ase:artemis-java-test-sandbox 3 org.jenkins-ci.plugins:bitbucket-oauth 3 org.apache.karaf:karaf 3 org.jenkins-ci.plugins:generic-webhook-trigger 3 org.jenkins-ci.plugins:sinatra-chef-builder 3 org.jenkins-ci.plugins:dbCharts 3 org.conjur.jenkins:conjur-credentials 3 org.jenkins-ci.plugins:rocketchatnotifier 3 org.jenkins-ci.plugins:role-strategy 3 org.igniterealtime.openfire:xmppserver 3 org.jenkins-ci.plugins:azure-credentials 3 org.apache.atlas:apache-atlas 3 com.xuxueli:xxl-job-core 3 org.jenkins-ci.plugins:cas-plugin 3 org.bouncycastle:bc-fips 3 org.bouncycastle:bcprov-jdk16 3 io.goobi.viewer:viewer-core 3 org.apache.unomi:unomi 3 org.richfaces:richfaces-core 3 org.graylog2:graylog2-server 3 org.springframework.data:spring-data-rest-core 3 org.apache.jmeter:ApacheJMeter 3 org.apache.sling:org.apache.sling.xss 3 org.jboss.resteasy:resteasy-core 3 org.apache.activemq:apache-artemis 3 io.projectreactor.netty:reactor-netty-http 3 org.jenkins-ci.plugins:pipeline-build-step 3 org.jenkins-ci.plugins:audit-trail 3 org.springframework.data:spring-data-jpa 3 fr.edf.jenkins.plugins:mac 3 com.adobe.acs:acs-aem-commons 3 org.apache.iotdb:iotdb-parent 3 com.geteasyqa:easyqa 3 org.jenkins-ci.plugins:embeddable-build-status 3 org.jenkins-ci.plugins:lucene-search 3 org.jenkins-ci.plugins:openstack-heat 3 org.jenkins-ci.plugins:recipe 3 org.jenkins-ci.plugins:gitlab-plugin 3 org.jenkins-ci.plugins:xpath-config-viewer 3 org.apache.sling:org.apache.sling.api 3 org.springframework.cloud:spring-cloud-config-server 3 org.jsoup:jsoup 3