Browse Security Advisories
Security Advisories for org.jenkins-ci.main:jenkins-core Clear Filters
Moderate
about 3 years ago
Jenkins does not invalidate the API token when a user is deleted
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins allows attackers to determine whether a user exists
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins session fixation vulnerability
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins Denial of Service vulnerability
maven
org.jenkins-ci.main:jenkins-core
Low
about 3 years ago
Jenkins allows attackers to obtain sensitive information
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins cross-site scripting (XSS) vulnerability
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Improper Neutralization of Input During Web Page Generation in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins Exposure of Sensitive Information to an Unauthorized Actor vulnerability
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins improperly ensures trust separation
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins allows remote authenticated users to bypass intended restrictions and create or destroy arbitrary jobs
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins allows for Code Execution via Crafted Packet to the CLI
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins allows Remote Users to Obtain Sensitive Information from a Plugin Code
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins does not Restrict Reserved Names Allowing for Privilege Escalation
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins allows for Privilege Escalation by Remote Authenticated Users
maven
org.jenkins-ci.main:jenkins-core
Low
about 3 years ago
Jenkins allows Cross-Site Scripting (XSS)
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins Exposure of Sensitive Information to an Unauthorized Actor vulnerability
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins Cross-site Scripting vulnerability
maven
org.jenkins-ci.main:jenkins-core
Low
about 3 years ago
Jenkins Vulnerable to Denial of Service (DoS)
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins allows for Privilege Escalation by Remote Authenticated Users
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins Cross-Site Request Forgery vulnerabilities
maven
org.jenkins-ci.main:jenkins-core
Critical
about 3 years ago
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Low
about 3 years ago
Jenkins allows Cross-Site Scripting (XSS) in User Configuration
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins directory traversal vulnerability
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins cross-site scripting (XSS) vulnerability
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins Path Traversal vulnerability
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins HttpOnly flag not Set for session cookies
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins secure flag not set on session cookies
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Cross-site Scripting in Jenkins Core
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Exposure of Sensitive Information in Jenkins Core
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins has CRLF Injection Vulnerability in the CLI
maven
org.jenkins-ci.main:jenkins-core
Critical
about 3 years ago
Jenkins allows Execution of Code by Opening a JRMP Listener
maven
org.jenkins-ci.main:jenkins-core
High
about 3 years ago
Jenkins allows Deserialization of Untrusted Data via an XML File
maven
org.jenkins-ci.main:jenkins-core
Critical
about 3 years ago
Exposure of Sensitive Information in Jenkins Core
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins allows Remote Users to Inject Build Parameters
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Exposure of Sensitive Information in Jenkins Core
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Incorrect Authorization in Jenkins Core
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Missing permissions check in Jenkins Core
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins Exposes Sensitive Information from Job Configuration
maven
org.jenkins-ci.main:jenkins-core
High
about 3 years ago
Jenkins affected by Open Redirect Vulnerability
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins Exposes Sensitive Information via API URL
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Deserialization of Untrusted Data in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Low
about 3 years ago
Jenkins affected by Open Redirect Vulnerability
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins allows HTTP Injection and Response Splitting
maven
org.jenkins-ci.main:jenkins-core
Low
about 3 years ago
Jenkins allows Cross-Site Scripting (XSS)
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins vulnerable to Cross-site Scripting
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins Cross-site Scripting vulnerability
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Deserialization of Untrusted Data in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Improper Authentication in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Cross-site Scripting in Jenkins Core
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
maven
org.jenkins-ci.main:jenkins-core
High
about 3 years ago
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Improper Limitation of a Pathname to a Restricted Directory in Jenkins
maven
org.kohsuke.stapler:stapler-parent, org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Improper Certificate Validation in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Improper Neutralization of Input During Web Page Generation in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Critical
about 3 years ago
Improper Neutralization of Special Elements used in an LDAP Query in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Incorrect Authorization in Jenkins
maven
org.jenkins-ci.main:jenkins-core
High
about 3 years ago
Missing Release of Resource after Effective Lifetime in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Loop with Unreachable Exit Condition in Jenkins
maven
org.jenkins-ci.main:jenkins-core
High
about 3 years ago
Improper Limitation of a Pathname to a Restricted Directory in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Incomplete List of Disallowed Inputs in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Inadequate Encryption Strength in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Improper Neutralization of Input During Web Page Generation in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Low
about 3 years ago
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Incorrect Permission Assignment for Critical Resource in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Improper Authentication in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Improper Neutralization of Input During Web Page Generation in Jenkins
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Cross-Site Request Forgery in Jenkins
maven
org.jenkins-ci.main:jenkins-core
High
about 3 years ago
Deserialization of Untrusted Data in Jenkins
maven
org.jenkins-ci.main:jenkins-core
High
about 3 years ago
Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) Attack
maven
org.jenkins-ci.main:jenkins-core
High
about 3 years ago
Jenkins does not Verify Checksums for Plugin Files
maven
org.jenkins-ci.main:jenkins-core
Low
about 3 years ago
Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) Attack
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins has Local File Inclusion Vulnerability
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins has XML External Entity (XXE) Vulnerability in Job Configuration via CLI
maven
org.jenkins-ci.main:jenkins-core
High
about 3 years ago
Jenkins discloses project names via fingerprints
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins allows Unauthorized Viewing of Queue API Information
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins allows Exposure of Sensitive Information to an Unauthorized Actor
maven
org.jenkins-ci.main:jenkins-core
High
about 3 years ago
Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) Attack
maven
org.jenkins-ci.main:jenkins-core
Moderate
about 3 years ago
Jenkins allows Bypass of Access Restrictions
maven
org.jenkins-ci.main:jenkins-core
Filter by Severity
Filter by Ecosystem
maven
6,662
packagist
5,356
pypi
4,833
npm
4,190
go
2,801
nuget
1,701
cargo
1,066
rubygems
918
hex
37
swift
35
actions
32
pub
10
Filter by Package
tensorflow
433
tensorflow-gpu
427
tensorflow-cpu
423
moodle/moodle
418
magento/community-edition
300
Microsoft.ChakraCore
247
org.jenkins-ci.main:jenkins-core
239
typo3/cms
190
org.apache.tomcat:tomcat
138
pimcore/pimcore
120
dolibarr/dolibarr
116
github.com/mattermost/mattermost/server/v8
115
typo3/cms-core
111
com.liferay.portal:release.portal.bom
110
phpmyadmin/phpmyadmin
107
Django
107
com.liferay.portal:release.dxp.bom
105
drupal/core
103
magento/project-community-edition
100
microweber/microweber
99
silverstripe/framework
92
apache-airflow
85
drupal/drupal
83
librenms/librenms
82
thorsten/phpmyfaq
73
Plone
72
symfony/symfony
69
com.fasterxml.jackson.core:jackson-databind
69
github.com/usememos/memos
66
concrete5/concrete5
65
salt
65
ansible
63
actionpack
61
apache-superset
57
org.apache.struts:struts2-core
57
shopware/platform
57
github.com/grafana/grafana
56
mlflow
53
craftcms/cms
51
org.keycloak:keycloak-core
50
nova
48
baserproject/basercms
47
nokogiri
46
django
46
org.apache.tomcat.embed:tomcat-embed-core
46
shopware/core
45
github.com/rancher/rancher
44
gradio
44
vyper
44
mautic/core
44
matrix-synapse
42
rdiffweb
42
nilsteampassnet/teampass
42
mantisbt/mantisbt
41
showdoc/showdoc
41
k8s.io/kubernetes
41
org.keycloak:keycloak-services
41
org.xwiki.platform:xwiki-platform-oldcore
41
org.elasticsearch:elasticsearch
41
plone
41
froxlor/froxlor
40
github.com/hashicorp/vault
40
github.com/mattermost/mattermost-server/v6
39
intelliants/subrion
39
directus
38
com.thoughtworks.xstream:xstream
37
snipe/snipe-it
36
net.mingsoft:ms-mcms
36
com.jfinal:jfinal
36
moin
35
github.com/answerdev/answer
34
org.jenkins-ci.plugins:script-security
34
io.undertow:undertow-core
34
zendframework/zendframework1
34
gogs.io/gogs
33
parse-server
33
keystone
32
github.com/argoproj/argo-cd/v2
31
github.com/docker/docker
31
opencv-python
31
opencv-contrib-python
31
github.com/hashicorp/nomad
31
Pillow
31
github.com/cilium/cilium
31
github.com/argoproj/argo-cd
31
shopware/shopware
30
getgrav/grav
30
github.com/hashicorp/consul
29
github.com/mattermost/mattermost-server
29
rack
29
mediawiki/core
28
org.apache.solr:solr-core
28
electron
28
org.opencms:opencms-core
27
centreon/centreon
27
pillow
26
prestashop/prestashop
26
next
26
org.springframework.security:spring-security-core
26
openssl-src
26
org.eclipse.jetty:jetty-server
25
rubygems-update
25
contao/core-bundle
25
open-webui
25
pocketmine/pocketmine-mp
24
getkirby/cms
24
github.com/traefik/traefik/v2
24
org.keycloak:keycloak-parent
24
magento/core
24
surrealdb
24
grumpydictator/firefly-iii
23
vllm
23
remdex/livehelperchat
23
simplesamlphp/simplesamlphp
23
puppet
23
laravel/framework
23
phpoffice/phpexcel
23
zendframework/zendframework
23
DotNetNuke.Core
22
org.bouncycastle:bcprov-jdk14
22
Microsoft.AspNetCore.App.Runtime.win-x64
22
Microsoft.AspNetCore.App.Runtime.win-x86
22
tribalsystems/zenario
22
@openzeppelin/contracts-upgradeable
22
ckb
22
org.apache.openmeetings:openmeetings-parent
22
Microsoft.AspNetCore.App.Runtime.win-arm
21
activerecord
21
org.apache.tomcat:tomcat-catalina
21
@openzeppelin/contracts
21
glance
21
github.com/goharbor/harbor
21
org.apache.nifi:nifi
21
github.com/ethereum/go-ethereum
21
phpoffice/phpspreadsheet
21
wasmtime
20
golang.org/x/net
20
org.cloudfoundry.identity:cloudfoundry-identity-server
20
code.gitea.io/gitea
20
langchain
20
cockpit-hq/cockpit
20
aim
20
funadmin/funadmin
20
deno
19
Microsoft.AspNetCore.App.Runtime.win-arm64
19
Microsoft.AspNetCore.App.Runtime.osx-x64
19
Microsoft.AspNetCore.App.Runtime.linux-x64
19
Microsoft.AspNetCore.App.Runtime.linux-musl-x64
19
Microsoft.AspNetCore.App.Runtime.linux-arm64
19
Microsoft.AspNetCore.App.Runtime.linux-arm
19
org.apache.tomcat:tomcat-coyote
19
github.com/zitadel/zitadel
19
pyload-ng
19
org.xwiki.platform:xwiki-platform-web-templates
19
neutron
19
helm.sh/helm/v3
19
forkcms/forkcms
18
genix/cms
18
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
18
contao/contao
18
cobbler
18
mindsdb
18
topthink/framework
18
mercurial
18
com.vaadin:vaadin-bom
18
calibreweb
17
org.springframework:spring-core
17
francoisjacquet/rosariosis
17
openmage/magento-lts
17
opencart/opencart
17
org.apache.inlong:manager-pojo
17
cryptography
17
cakephp/cakephp
17
yetiforce/yetiforce-crm
17
OctoPrint
17
symfony/security
17
notebook
17
org.apache.geode:geode-core
17
ezsystems/ezpublish-kernel
17
typo3/cms-backend
17
ethyca-fides
16
org.apache.ranger:ranger
16
tinymce
16
org.bouncycastle:bcprov-jdk15
16
github.com/openfga/openfga
16
Microsoft.NetCore.App.Runtime.win-x86
16
org.apache.dubbo:dubbo
16
Microsoft.NetCore.App.Runtime.win-arm
16
phpbb/phpbb
16
Microsoft.NetCore.App.Runtime.win-x64
16
paddlepaddle
16
october/system
16
PaddlePaddle
16
Microsoft.NetCore.App.Runtime.win-arm64
16
sequelize
16
org.apache.jspwiki:jspwiki-main
16
org.apache.activemq:activemq-client
16
github.com/traefik/traefik/v3
16
rusqlite
16
lollms
16