Filters

Versions

1.625.1
15
1.532.1
11
1.550
11
1.637
11
2.303.2
11
2.263.1
10
2.274
10
2.318
10
2.73.1
8
2.83
8
1.409.1
7
1.409.2
7
1.437
7
1.565.2
7
1.582
7
1.651.1
7
2.121.1
7
2.132
7
2.204.1
7
2.218
7
1.400
6
1.401
6
1.402
6
1.403
6
1.404
6
1.405
6
1.406
6
1.407
6
1.408
6
1.409
6
1.410
6
1.411
6
1.412
6
1.413
6
1.414
6
1.415
6
1.416
6
1.417
6
1.418
6
1.419
6
1.420
6
1.421
6
1.422
6
1.423
6
1.424
6
1.425
6
1.426
6
1.427
6
1.428
6
1.429
6
1.430
6
1.431
6
1.432
6
1.433
6
1.434
6
1.435
6
1.436
6
1.501
6
1.649
6
2.121.2
6
2.122
6
2.137
6
2.138.1
6
2.145
6
2.176.3
6
2.196
6
2.2
6
2.355
6
1.480.2
5
1.642.1
5
1.409.3
4
1.424.1
4
1.424.2
4
1.424.3
4
1.424.4
4
1.424.5
4
1.424.6
4
1.447.1
4
1.447.2
4
1.466.1
4
1.466.2
4
1.580.3
4
1.599
4
1.639
4
2.107.2
4
2.120
4
2.138.3
4
2.153
4
2.204.5
4
2.227
4
2.235.1
4
2.244
4
2.277.1
4
2.46.1
4
2.56
4
1.596.1
3
1.605
3
2.176.1
3
2.185
3
2.235.3
3
2.251
3
2.332.3
3
1.301
2
1.302
2
1.303
2
1.304
2
1.305
2
1.306
2
1.307
2
1.308
2
1.309
2
1.310
2
1.311
2
1.312
2
1.313
2
1.314
2
1.315
2
1.316
2
1.317
2
1.318
2
1.319
2
1.320
2
1.321
2
1.322
2
1.323
2
1.324
2
1.325
2
1.326
2
1.327
2
1.328
2
1.329
2
1.330
2
1.331
2
1.332
2
1.333
2
1.334
2
1.335
2
1.336
2
1.337
2
1.338
2
1.339
2
1.340
2
1.341
2
1.342
2
1.343
2
1.344
2
1.345
2
1.346
2
1.347
2
1.348
2
1.349
2
1.350
2
1.351
2
1.352
2
1.353
2
1.354
2
1.355
2
1.356
2
1.357
2
1.358
2
1.359
2
1.360
2
1.361
2
1.362
2
1.363
2
1.364
2
1.365
2
1.366
2
1.367
2
1.368
2
1.369
2
1.370
2
1.371
2
1.372
2
1.373
2
1.374
2
1.375
2
1.376
2
1.377
2
1.378
2
1.379
2
1.380
2
1.382
2
1.383
2
1.384
2
1.386
2
1.387
2
1.388
2
1.389
2
1.390
2
1.391
2
1.392
2
1.393
2
1.394
2
1.395
2
1.396
2
1.397
2
1.398
2
1.399
2
1.585
2
2.105
2
2.106
2
2.107.1
2
2.150.1
2
2.164.1
2
2.171
2
2.176.2
2
2.191
2
2.286
2
2.303.1
2
2.314
2
2.332.1
2
2.340
2
2.73.2
2
2.88
2
2.89.1
2
2.89.3
2
2.94
2
1.498
1
1.523
1
1.565.3
1
1.586
1
2.138
1
2.158
1
2.159
1
2.19.2
1
2.217
1
2.222.1
1
2.266
1
2.270
1
2.31
1
2.319.1
1
2.320
1
2.321
1
2.329
1
2.335
1
2.367
1
2.369
1
2.401.2
1
2.414.2
1
2.415
1
2.426.2
1
2.427
1
2.44
1
2.441
1
2.442
1
2.50
1
2.60.1
1
2.81
1
2.93
1
lts 2.426.3
1

maven/org.jenkins-ci.main:jenkins-coreJenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP en…

First published (updated )

maven/org.jenkins-ci.main:jenkins-corePath Traversal

First published (updated )

Jenkins JenkinsJenkins 2.217 through 2.441 (both inclusive), LTS 2.222.1 through 2.426.2 (both inclusive) does not …

8.8
EPSS
0.09%
First published (updated )

maven/org.jenkins-ci.main:jenkins-coreJenkins Command Line Interface (CLI) Path Traversal Vulnerability

EPSS
38.41%
First published (updated )

maven/org.eclipse.jetty.http2:http2-hpackHTTP/2 HPACK integer overflow and buffer allocation

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Apache Tomcat- Rapid Reset HTTP/2 vulnerability

First published (updated )

Jenkins JenkinsIn Jenkins 2.423 and earlier, LTS 2.414.1 and earlier, processing file uploads using MultipartFormDa…

8.1
First published (updated )

maven/org.jenkins-ci.main:jenkins-coreMalicious File Upload

8.1
First published (updated )

Jenkins JenkinsJenkins weekly and LTS could allow a local authenticated attacker to execute arbitrary code on the s…

8.8
First published (updated )

Jenkins JenkinsXSS

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Jenkins JenkinsJenkins 2.50 through 2.423 (both inclusive), LTS 2.60.1 through 2.414.1 (both inclusive) does not ex…

First published (updated )

Jenkins JenkinsXSS

First published (updated )

Jenkins JenkinsCSRF

First published (updated )

redhat/jenkinsInfoleak

First published (updated )

maven/org.jenkins-ci.main:jenkins-coreJenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

maven/org.jenkins-ci.main:jenkins-coreJenkins 2.393 and earlier, LTS 2.375.3 and earlier shows temporary directories related to job worksp…

First published (updated )

maven/org.jenkins-ci.main:jenkins-coreJenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library withou…

7.5
First published (updated )

redhat/jenkinsA flaw was found in Jenkins. Jenkins creates a temporary file when a plugin is uploaded from an admi…

First published (updated )

maven/org.jenkins-ci.main:jenkins-coreJenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library withou…

7.5
First published (updated )

redhat/jenkinsXSS

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Jenkins KatalonJenkins Katalon Plugin 1.0.32 and earlier implements an agent/controller message that does not limit…

8.8
First published (updated )

Jenkins Compuware Source Code Download For Endevor\, Pds\, And IspwJenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin 2.0.12 and earlier implemen…

First published (updated )

Jenkins Compuware Topaz For Total TestJenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller messa…

7.5
First published (updated )

Jenkins Compuware Xpediter Code CoverageJenkins Compuware Xpediter Code Coverage Plugin 1.0.7 and earlier implements an agent/controller mes…

First published (updated )

Jenkins Compuware Topaz For Total TestJenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller messa…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Jenkins Compuware Topaz UtilitiesJenkins Compuware Topaz Utilities Plugin 1.0.8 and earlier implements an agent/controller message th…

First published (updated )

Jenkins JenkinsXSS

First published (updated )

Jenkins Compuware Zadviser ApiJenkins Compuware zAdviser API Plugin 1.0.3 and earlier does not restrict execution of a controller/…

8.2
First published (updated )

Jenkins Compuware Ispw OperationsJenkins Compuware ISPW Operations Plugin 1.0.8 and earlier does not restrict execution of a controll…

8.2
First published (updated )

maven/org.eclipse.jetty.http2:http2-serverA flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a …

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Jenkins JenkinsJenkins 2.335 through 2.355 (both inclusive) allows attackers in some cases to bypass a protection m…

7.5
First published (updated )

Jenkins JenkinsXSS

First published (updated )

Jenkins JenkinsXSS

First published (updated )

Jenkins JenkinsXSS

First published (updated )

maven/org.jenkins-ci.main:jenkins-coreXSS, Path Traversal

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

redhat/jenkinsIn Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login…

7.5
First published (updated )

Jenkins Semantic VersioningJenkins Semantic Versioning Plugin 1.13 and earlier does not restrict execution of an controller/age…

First published (updated )

Jenkins JenkinsJenkins 2.333 and earlier, LTS 2.319.2 and earlier defines custom XStream converters that have not b…

7.5
First published (updated )

maven/org.jenkins-ci.main:jenkins-coreCSRF

First published (updated )

Jenkins JenkinsJenkins 2.318 and earlier, LTS 2.303.2 and earlier allows any agent to read and write the contents o…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Jenkins JenkinsFilePath#listFiles lists files outside directories with agent read access when following symbolic li…

First published (updated )

Jenkins JenkinsJenkins 2.318 and earlier, LTS 2.303.2 and earlier does not limit agent read/write access to the lib…

First published (updated )

Jenkins JenkinsFilePath#toURI, FilePath#hasSymlink, FilePath#absolutize, FilePath#isDescendant, and FilePath#get*Di…

First published (updated )

Jenkins JenkinsPath Traversal

First published (updated )

Jenkins JenkinsCreating symbolic links is possible without the symlink permission.

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Jenkins JenkinsFilePath#unzip and FilePath#untar were not subject to any access control.

First published (updated )

Jenkins JenkinsPath Traversal

First published (updated )

Jenkins JenkinsFilePath#reading(FileVisitor) does not reject any operations, allowing users to have unrestricted re…

First published (updated )

Jenkins JenkinsFilePath#untar does not check permission to create symbolic links when unarchiving a symbolic link. …

First published (updated )

Jenkins JenkinsPath Traversal

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203