Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven

org.jenkins-ci.main:jenkins-core

maven

Security Advisories for org.jenkins-ci.main:jenkins-core in maven

Moderate
3 months ago

Jenkins is missing a permission check in the authenticated users' profile menu GSA_kwCzR0hTQS0yMjNtLTRyZnAtNjQ2aM4ABMSi

maven org.jenkins-ci.main:jenkins-core
Moderate
3 months ago

Jenkins has a missing permission check, allowing users to obtain agent names GSA_kwCzR0hTQS02N3Y0LTM4aDctOWpqcM4ABMSb

maven org.jenkins-ci.main:jenkins-core
Moderate
3 months ago

Jenkins has a log message injection vulnerability GSA_kwCzR0hTQS1xcmg1LWpnOTgtY3I0OM4ABMSc

maven org.jenkins-ci.main:jenkins-core
Moderate
8 months ago

Jenkins Missing Permission Check GSA_kwCzR0hTQS01NjVyLXBmNXEtNDV2Ns4ABGVN

maven org.jenkins-ci.main:jenkins-core
Moderate
8 months ago

Jenkins Missing Permission Check GSA_kwCzR0hTQS13cjZ3LWp4ZzctcXBmaM4ABGVY

maven org.jenkins-ci.main:jenkins-core
Moderate
9 months ago

Jenkins cross-site request forgery (CSRF) vulnerability GSA_kwCzR0hTQS03Zzk1LWptZzktaDUyNM4ABFJN

maven org.jenkins-ci.main:jenkins-core
Moderate
9 months ago

Jenkins reveals encrypted values of secrets stored in agent configuration to users with Agent/Extended Read permission GSA_kwCzR0hTQS1wMzRqLXIzY2gtYzk4Nc4ABFJJ

maven org.jenkins-ci.main:jenkins-core
Moderate
9 months ago

Jenkins reveals encrypted values of secrets stored in agent configuration to users with Agent/Extended Read permission GSA_kwCzR0hTQS1yZmg2LTlyMnEtOTh2Zs4ABFJK

maven org.jenkins-ci.main:jenkins-core
Moderate
9 months ago

Jenkins Open Redirect vulnerability GSA_kwCzR0hTQS04aG12LTkyd20tMzljaM4ABFJP

maven org.jenkins-ci.main:jenkins-core
Moderate
about 1 year ago

Jenkins exposes multi-line secrets through error messages GSA_kwCzR0hTQS1wajk1LXBoNHEtNHFtNM4AA_6u

maven org.jenkins-ci.main:jenkins-core
Moderate
about 1 year ago

Jenkins item creation restriction bypass vulnerability GSA_kwCzR0hTQS1mOXFqLTc3cTItaDVjNc4AA_6r

maven org.jenkins-ci.main:jenkins-core
High
over 1 year ago

Jenkins Remoting library arbitrary file read vulnerability GSA_kwCzR0hTQS1oODU2LWZmdnYteHZyNM4AA-cu

maven org.jenkins-ci.main:jenkins-core, org.jenkins-ci.main:remoting
Moderate
over 1 year ago

Jenkins does not perform a permission check in an HTTP endpoint GSA_kwCzR0hTQS04cHY5LXFoOTYtOWhjNs4AA-cv

maven org.jenkins-ci.main:jenkins-core
High
almost 2 years ago

Cross-site WebSocket hijacking vulnerability in the Jenkins CLI GSA_kwCzR0hTQS01M3BoLTJyMngtdnF3OM4AA4qv

maven org.jenkins-ci.main:jenkins-core
Critical
almost 2 years ago

Arbitrary file read vulnerability through the Jenkins CLI can lead to RCE GSA_kwCzR0hTQS02ZjlnLWN4d3ItcTVqcs4AA4qu

maven org.jenkins-ci.main:jenkins-core
High
about 2 years ago

Jenkins temporary plugin file created with insecure permissions GSA_kwCzR0hTQS01NXdwLTNwcTQtdzhwOc4AA1-L

maven org.jenkins-ci.main:jenkins-core
Moderate
about 2 years ago

Jenkins does not exclude sensitive build variables from search GSA_kwCzR0hTQS0yNzlmLXF3Z2gtaDVtcM4AA1-D

maven org.jenkins-ci.main:jenkins-core
Low
about 2 years ago

Jenkins temporary uploaded file created with insecure permissions GSA_kwCzR0hTQS1xdjY0LXc5OWMtcWNyOc4AA1-K

maven org.jenkins-ci.main:jenkins-core
High
about 2 years ago

Jenkins Cross-site Scripting vulnerability GSA_kwCzR0hTQS01ajQ2LTVod3EtZ3doN84AA1-J

maven org.jenkins-ci.main:jenkins-core
Low
about 2 years ago

Jenkins temporary uploaded file created with insecure permissions GSA_kwCzR0hTQS1ocTg3LWg0amctdnhmd84AA1-C

maven org.jenkins-ci.main:jenkins-core
High
over 2 years ago

Jenkins Stored Cross-site Scripting vulnerability GSA_kwCzR0hTQS02OXZ3LTNwY20tODRyd84AA05m

maven org.jenkins-ci.main:jenkins-core
High
over 2 years ago

Jenkins CSRF protection bypass vulnerability GSA_kwCzR0hTQS05OGZwLXIyMmctd3BqN84AAz2W

maven org.jenkins-ci.main:jenkins-core
Low
over 2 years ago

Incorrect Authorization in Jenkins Core GSA_kwCzR0hTQS01ODRtLTdyNG0tOGo2ds4AAyCI

maven org.jenkins-ci.main:jenkins-core
High
over 2 years ago

Cross-site Scripting vulnerability in Jenkins GSA_kwCzR0hTQS1qNjY0LXFoaDQtaHBmOM4AAyCa

maven org.jenkins-ci.main:jenkins-core
Low
over 2 years ago

Information disclosure through error stack traces related to agents GSA_kwCzR0hTQS1ycmdwLWMydzgtNnZnNs4AAyCG

maven org.jenkins-ci.main:jenkins-core
Moderate
over 2 years ago

Incorrect Permission Preservation in Jenkins Core GSA_kwCzR0hTQS1jajZyLThweGotNWp2Ns4AAyCF

maven org.jenkins-ci.main:jenkins-core
High
over 2 years ago

Incorrect Authorization in Jenkins Core GSA_kwCzR0hTQS1oZjloLXZ2NG0tMmYzM84AAyCn

maven org.jenkins-ci.main:jenkins-core
High
over 2 years ago

Denial of service in Jenkins Core GSA_kwCzR0hTQS1oNzZwLW1jNjgtanYzcM4AAyCk

maven org.jenkins-ci.main:jenkins-core
Moderate
over 2 years ago

Denial of service in Jenkins Core GSA_kwCzR0hTQS1mcmdyLWM1ZjItOHFoaM4AAyCc

maven org.jenkins-ci.main:jenkins-core
High
about 3 years ago

Jenkins vulnerable to stored cross site scripting in the I:helpIcon component GSA_kwCzR0hTQS14cHZwLWg3M2MtbTlycc4AAu-W

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

Cross-site Scripting vulnerability in Jenkins GSA_kwCzR0hTQS02MndmLTI0YzQtOHI3Ns4AAs8i

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Observable timing discrepancy allows determining username validity in Jenkins GSA_kwCzR0hTQS05Z3JqLWo0M20tbWpxcs4AAs7n

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

Cross-site Scripting vulnerability in Jenkins GSA_kwCzR0hTQS1taHA3LTMzOTMtcGZxcs4AAs8g

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

Cross-site Scripting vulnerability in Jenkins GSA_kwCzR0hTQS02ZzRyLXE3cWctNnF4Ns4AAs8p

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

Unauthorized view fragment access in Jenkins GSA_kwCzR0hTQS1wM3JjLTk0NmgtOGNmNc4AAs8u

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

Cross-site Scripting vulnerability in Jenkins GSA_kwCzR0hTQS03Zjg0LXA2cjUtanI2cc4AAs8h

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Improper Neutralization of Input During Web Page Generation in Jenkins GSA_kwCzR0hTQS1odzU1LWY4d2MtODJtNs4AAq6O

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Improper Neutralization of Input During Web Page Generation in Jenkins GSA_kwCzR0hTQS1oZzZnLWpqN2cteDZ2Ms4AAq6R

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Improper Neutralization of Input During Web Page Generation in Jenkins GSA_kwCzR0hTQS05cWdmLTRmcGYtY21oMs4AAq6N

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Exposure of Sensitive Information to an Unauthorized Actor in Jenkins GSA_kwCzR0hTQS00N3djLXA1Y3Atdzdwd84AAq6Q

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Improper Neutralization of Input During Web Page Generation in Jenkins GSA_kwCzR0hTQS03Y2pjLXhwcHIteGo2eM4AAq6P

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Improper Neutralization of Input During Web Page Generation in Jenkins GSA_kwCzR0hTQS1xNnE5LTgzeHctbXA2cM4AAq6J

maven org.jenkins-ci.main:jenkins-core
Critical
over 3 years ago

Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins GSA_kwCzR0hTQS00ZzM4LWhybTQtcmc5NM4AAqkP

maven org.jenkins-ci.main:jenkins-core
Critical
over 3 years ago

Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins GSA_kwCzR0hTQS1qM2NxLWg2dmgtZ3g3Zs4AAqj5

maven org.jenkins-ci.main:jenkins-core
Critical
over 3 years ago

Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins GSA_kwCzR0hTQS01OHhtLW14amYtMjU0Z84AAqkM

maven org.jenkins-ci.main:jenkins-core
Critical
over 3 years ago

Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins GSA_kwCzR0hTQS0yYzc5LWgyaDUtZzNmd84AAqj1

maven org.jenkins-ci.main:jenkins-core
Critical
over 3 years ago

Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins GSA_kwCzR0hTQS1wZ2o2LWptajUtd3FmeM4AAqj8

maven org.jenkins-ci.main:jenkins-core
Critical
over 3 years ago

Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins GSA_kwCzR0hTQS05Mjl3LXE0MzMtNGg5eM4AAqj-

maven org.jenkins-ci.main:jenkins-core
Critical
over 3 years ago

Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins GSA_kwCzR0hTQS0zcTg0LXZydngtcmZ2Zs4AAqkF

maven org.jenkins-ci.main:jenkins-core
Critical
over 3 years ago

Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins GSA_kwCzR0hTQS05N2MzLXc5Y3ItNnFjMs4AAqkN

maven org.jenkins-ci.main:jenkins-core
Critical
over 3 years ago

Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins GSA_kwCzR0hTQS04eGc0LXhxMnYtdjZqN84AAqkL

maven org.jenkins-ci.main:jenkins-core
Critical
over 3 years ago

Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins GSA_kwCzR0hTQS1tOWhyLTI1OWYtMnYyM84AAqj9

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

Agent-to-controller access control allowed writing to sensitive directory used by Jenkins Pipeline: Shared Groovy Libraries Plugin GSA_kwCzR0hTQS1jNXI5LXJ4NTMtcTNnZs4AAqkB

maven org.jenkins-ci.main:jenkins-core
Critical
over 3 years ago

Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins GSA_kwCzR0hTQS1jdnZtLTRjcjktcjQzNs4AAqkD

maven org.jenkins-ci.main:jenkins-core
Critical
over 3 years ago

Agent-to-controller access control allows reading/writing most content of build directories in Jenkins GSA_kwCzR0hTQS1jdjJ3LXE4YzMteGp2N84AAqj6

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Path traversal vulnerability on Windows in Jenkins GSA_kwCzR0hTQS00cHc1LXI1OGgtZnYyNM4AAqOh

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Improper handling of equivalent directory names on Windows in Jenkins GSA_kwCzR0hTQS02cTRnLTg0ZjMtbXc3NM4AAqOq

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Improper permission checks allow canceling queue items and aborting builds in Jenkins GSA_kwCzR0hTQS1xNHdwLThjOTktNjlwd84AAo_d

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

Session fixation vulnerability in Jenkins GSA_kwCzR0hTQS00d3I5LTJ4YzYtam1nNc4AAo_q

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

View name validation bypass in Jenkins GSA_kwCzR0hTQS13Mmh2LXJjcXItMmg3cs4AAoE2

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Lack of type validation in agent related REST API in Jenkins GSA_kwCzR0hTQS1wdnd4LTNqeDUtMjRyMs4AAoE-

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Time-of-check Time-of-use (TOCTOU) Race Condition in Jenkins GSA_kwCzR0hTQS1xeHA2LTI3Z3ctOTljas4AAnWa

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Reflected XSS vulnerability in Jenkins markup formatter preview GSA_kwCzR0hTQS03cWYzLWMycTgtNjltM84AAnOa

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Excessive memory allocation in graph URLs leads to denial of service in Jenkins GSA_kwCzR0hTQS1jeHF3LXZqY3ItZ3A1Z84AAnOQ

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Stored XSS vulnerability in Jenkins on new item page GSA_kwCzR0hTQS1tajdxLWNtZjMtbWc3aM4AAnOV

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

Path traversal vulnerability in Jenkins agent names GSA_kwCzR0hTQS1weGdxLWdxcjktNWd3eM4AAnOR

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Stored XSS vulnerability in Jenkins button labels GSA_kwCzR0hTQS13djYzLWd3cjktNWM1Nc4AAnOM

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Arbitrary file read vulnerability in workspace browsers in Jenkins GSA_kwCzR0hTQS12cGptLTU4Y3ctcjhxNc4AAnOi

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Arbitrary file existence check in file fingerprints in Jenkins GSA_kwCzR0hTQS1mNTg1LTlmdzMtcmoybc4AAnOk

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

Improper handling of REST API XML deserialization errors in Jenkins GSA_kwCzR0hTQS1xdjZmLXJjdjYtNnEzeM4AAnOP

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

XSS vulnerability in Jenkins notification bar GSA_kwCzR0hTQS05OGdxLTZoeGctNTJyNs4AAnOI

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Missing permission check for paths with specific prefix in Jenkins GSA_kwCzR0hTQS00NjI1LXE1MnctMzljeM4AAnOJ

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

Jenkins Cross-Site Scripting vulnerability in help icons GSA_kwCzR0hTQS1odm1jLTdnMngtcjNwOc4AAllE

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Improper Neutralization of Input During Web Page Generation in Jenkins GSA_kwCzR0hTQS1qcHZxLXY3MjktN2oyaM4AAlk6

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

Jenkins Cross-site Scripting vulnerability in project naming strategy GSA_kwCzR0hTQS05ZzRtLWZmeDYtYzI5Z84AAllI

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

Stored XSS vulnerability in Jenkins 'keep forever' badge icon GSA_kwCzR0hTQS04NjR2LTVxMmctZnI2NM4AAlYf

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

Stored XSS vulnerability in Jenkins console links GSA_kwCzR0hTQS1nZmhqLTUyNHEtZ2Nybc4AAlYZ

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

Stored XSS vulnerability in Jenkins job build time trend GSA_kwCzR0hTQS1xZ2o0LXJjOG0tNDRtcc4AAlYS

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

Stored XSS vulnerability in Jenkins upstream cause GSA_kwCzR0hTQS1nNGo2LW0zbTMtY3J3OM4AAlYJ

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

Cross-Site Request Forgery in Jenkins GSA_kwCzR0hTQS1jNzM1LWc5ZjItMm12cM4AAkDI

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Improper Neutralization of Input During Web Page Generation in Jenkins GSA_kwCzR0hTQS0yeGNtLWg3dnYtZzhtOc4AAkDZ

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Improper Neutralization of Input During Web Page Generation in Jenkins GSA_kwCzR0hTQS1nOHBnLXFydm0td2doMs4AAkDM

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Improper Neutralization of Input During Web Page Generation in Jenkins GSA_kwCzR0hTQS1jcmcyLTZ4djMtcWc1Zs4AAkC-

maven org.jenkins-ci.main:jenkins-core
Low
over 3 years ago

Jenkins REST APIs vulnerable to clickjacking GSA_kwCzR0hTQS03eHA4LTd3cXgtNWhxeM4AAjcV

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Non-constant time HMAC comparison GSA_kwCzR0hTQS1majZmLTY5MzMtODM5as4AAjcN

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Memory usage graphs accessible to anyone with Overall/Read GSA_kwCzR0hTQS1yNzhxLXFneDYtNjRwcM4AAjcT

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Jenkins Diagnostic page exposed session cookies GSA_kwCzR0hTQS00ampqLWNtN3EtdjZocs4AAjcO

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Jenkins vulnerable to UDP amplification reflection attack GSA_kwCzR0hTQS1ncHh2LTc3NnAtN2djN84AAjcM

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

Inbound TCP Agent Protocol/3 authentication bypass in Jenkins GSA_kwCzR0hTQS1xcDRmLTJ3NjctYzhod84AAjcR

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Non-constant time comparison of inbound TCP agent connection secret GSA_kwCzR0hTQS13N2pyLXdxdzYtNTR4Y84AAjcJ

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

XML external entity (XXE) vulnerability in Jenkins GSA_kwCzR0hTQS1xZzd4LTRoNHEtM200Oc4AAjQr

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

XML external entity (XXE) vulnerability in Jenkins GSA_kwCzR0hTQS1xajI3LXc5MmgtZmM5cs4AAjQo

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Improper Neutralization of Input During Web Page Generation in Jenkins GSA_kwCzR0hTQS05bTQ4LTU0cGotaDI0OM4AAh6P

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

Cross-Site Request Forgery in Jenkins GSA_kwCzR0hTQS12Y3I4LWg4cXAtcWo4aM4AAh6e

maven org.jenkins-ci.main:jenkins-core
High
over 3 years ago

Cross-Site Request Forgery in Jenkins GSA_kwCzR0hTQS1oY3hmLXJxNzItaDRycs4AAhUU

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Missing Authorization in Jenkins GSA_kwCzR0hTQS02amZjLW1jOTctYzd3Z84AAhUt

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Improper Limitation of a Pathname to a Restricted Directory in Jenkins GSA_kwCzR0hTQS1xcjQyLTgycWotbXc2Nc4AAhUj

maven org.jenkins-ci.main:jenkins-core
Low
over 3 years ago

Jenkins allows Cross-Site Scripting (XSS) GSA_kwCzR0hTQS1xM3JwLTU1NXItaGg2cs4AAdUF

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Jenkins allows Remote Attackers to Hijack Sessions GSA_kwCzR0hTQS05YzI2LWNmOGMtbXc0M84AAdUB

maven org.jenkins-ci.main:jenkins-core
Moderate
over 3 years ago

Jenkins allows attackers to configure restricted projects GSA_kwCzR0hTQS1oNWp2LWhnNjgtbWpoZ84AAdTm

maven org.jenkins-ci.main:jenkins-core

Filter by Severity

Moderate 148 High 56 Low 19 Critical 19