Filters
Versions
1.625.1
15
1.532.1
11
1.550
11
1.637
11
2.303.2
11
2.263.1
10
2.274
10
2.318
10
2.73.1
8
2.83
8
1.409.1
7
1.409.2
7
1.437
7
1.565.2
7
1.582
7
1.651.1
7
2.121.1
7
2.132
7
2.204.1
7
2.218
7
1.400
6
1.401
6
1.402
6
1.403
6
1.404
6
1.405
6
1.406
6
1.407
6
1.408
6
1.409
6
1.410
6
1.411
6
1.412
6
1.413
6
1.414
6
1.415
6
1.416
6
1.417
6
1.418
6
1.419
6
1.420
6
1.421
6
1.422
6
1.423
6
1.424
6
1.425
6
1.426
6
1.427
6
1.428
6
1.429
6
1.430
6
1.431
6
1.432
6
1.433
6
1.434
6
1.435
6
1.436
6
1.501
6
1.649
6
2.121.2
6
2.122
6
2.137
6
2.138.1
6
2.145
6
2.176.3
6
2.196
6
2.2
6
2.355
6
1.480.2
5
1.642.1
5
1.409.3
4
1.424.1
4
1.424.2
4
1.424.3
4
1.424.4
4
1.424.5
4
1.424.6
4
1.447.1
4
1.447.2
4
1.466.1
4
1.466.2
4
1.580.3
4
1.599
4
1.639
4
2.107.2
4
2.120
4
2.138.3
4
2.153
4
2.204.5
4
2.227
4
2.235.1
4
2.244
4
2.277.1
4
2.46.1
4
2.56
4
1.596.1
3
1.605
3
2.176.1
3
2.185
3
2.235.3
3
2.251
3
2.332.3
3
1.301
2
1.302
2
1.303
2
1.304
2
1.305
2
1.306
2
1.307
2
1.308
2
1.309
2
1.310
2
1.311
2
1.312
2
1.313
2
1.314
2
1.315
2
1.316
2
1.317
2
1.318
2
1.319
2
1.320
2
1.321
2
1.322
2
1.323
2
1.324
2
1.325
2
1.326
2
1.327
2
1.328
2
1.329
2
1.330
2
1.331
2
1.332
2
1.333
2
1.334
2
1.335
2
1.336
2
1.337
2
1.338
2
1.339
2
1.340
2
1.341
2
1.342
2
1.343
2
1.344
2
1.345
2
1.346
2
1.347
2
1.348
2
1.349
2
1.350
2
1.351
2
1.352
2
1.353
2
1.354
2
1.355
2
1.356
2
1.357
2
1.358
2
1.359
2
1.360
2
1.361
2
1.362
2
1.363
2
1.364
2
1.365
2
1.366
2
1.367
2
1.368
2
1.369
2
1.370
2
1.371
2
1.372
2
1.373
2
1.374
2
1.375
2
1.376
2
1.377
2
1.378
2
1.379
2
1.380
2
1.382
2
1.383
2
1.384
2
1.386
2
1.387
2
1.388
2
1.389
2
1.390
2
1.391
2
1.392
2
1.393
2
1.394
2
1.395
2
1.396
2
1.397
2
1.398
2
1.399
2
1.585
2
2.105
2
2.106
2
2.107.1
2
2.150.1
2
2.164.1
2
2.171
2
2.176.2
2
2.191
2
2.286
2
2.303.1
2
2.314
2
2.332.1
2
2.340
2
2.73.2
2
2.88
2
2.89.1
2
2.89.3
2
2.94
2
1.498
1
1.523
1
1.565.3
1
1.586
1
2.138
1
2.158
1
2.159
1
2.19.2
1
2.217
1
2.222.1
1
2.266
1
2.270
1
2.31
1
2.319.1
1
2.320
1
2.321
1
2.329
1
2.335
1
2.367
1
2.369
1
2.401.2
1
2.414.2
1
2.415
1
2.426.2
1
2.427
1
2.44
1
2.441
1
2.442
1
2.50
1
2.60.1
1
2.81
1
2.93
1
lts 2.426.3
1
maven/org.jenkins-ci.main:jenkins-coreIf an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLe…
4.3
First published (updated )
maven/org.jenkins-ci.main:jenkins-coreJenkins 2.478 and earlier, LTS 2.462.2 and earlier does not redact multi-line secret values in error…
4.3
First published (updated )
maven/org.jenkins-ci.main:jenkins-coreJenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP en…
6.3
First published (updated )
maven/org.jenkins-ci.main:jenkins-corePath Traversal
9.1
First published (updated )
Jenkins JenkinsJenkins 2.217 through 2.441 (both inclusive), LTS 2.222.1 through 2.426.2 (both inclusive) does not …
8.8
EPSS
0.09%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.jenkins-ci.main:jenkins-coreJenkins Command Line Interface (CLI) Path Traversal Vulnerability
First published (updated )
maven/org.eclipse.jetty.http2:http2-hpackHTTP/2 HPACK integer overflow and buffer allocation
7.5
First published (updated )
Apache Tomcat- Rapid Reset HTTP/2 vulnerability
First published (updated )
Jenkins JenkinsIn Jenkins 2.423 and earlier, LTS 2.414.1 and earlier, processing file uploads using MultipartFormDa…
8.1
First published (updated )
maven/org.jenkins-ci.main:jenkins-coreMalicious File Upload
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jenkins JenkinsJenkins weekly and LTS could allow a local authenticated attacker to execute arbitrary code on the s…
8.8
First published (updated )
Jenkins JenkinsJenkins 2.50 through 2.423 (both inclusive), LTS 2.60.1 through 2.414.1 (both inclusive) does not ex…
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.jenkins-ci.main:jenkins-coreJenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary…
4.4
First published (updated )
maven/org.jenkins-ci.main:jenkins-coreJenkins 2.393 and earlier, LTS 2.375.3 and earlier shows temporary directories related to job worksp…
4.3
First published (updated )
maven/org.jenkins-ci.main:jenkins-coreJenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library withou…
7.5
First published (updated )
redhat/jenkinsA flaw was found in Jenkins. Jenkins creates a temporary file when a plugin is uploaded from an admi…
7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.jenkins-ci.main:jenkins-coreJenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library withou…
7.5
First published (updated )
Jenkins KatalonJenkins Katalon Plugin 1.0.32 and earlier implements an agent/controller message that does not limit…
8.8
First published (updated )
Jenkins Compuware Source Code Download For Endevor\, Pds\, And IspwJenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin 2.0.12 and earlier implemen…
5.3
First published (updated )
Jenkins Compuware Topaz For Total TestJenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller messa…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jenkins Compuware Xpediter Code CoverageJenkins Compuware Xpediter Code Coverage Plugin 1.0.7 and earlier implements an agent/controller mes…
5.3
First published (updated )
Jenkins Compuware Topaz For Total TestJenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller messa…
7.5
First published (updated )
Jenkins Compuware Topaz UtilitiesJenkins Compuware Topaz Utilities Plugin 1.0.8 and earlier implements an agent/controller message th…
5.3
First published (updated )
Jenkins Compuware Zadviser ApiJenkins Compuware zAdviser API Plugin 1.0.3 and earlier does not restrict execution of a controller/…
8.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jenkins Compuware Ispw OperationsJenkins Compuware ISPW Operations Plugin 1.0.8 and earlier does not restrict execution of a controll…
8.2
First published (updated )
maven/org.eclipse.jetty.http2:http2-serverA flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a …
7.5
First published (updated )
Jenkins JenkinsJenkins 2.335 through 2.355 (both inclusive) allows attackers in some cases to bypass a protection m…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.jenkins-ci.main:jenkins-coreXSS, Path Traversal
8
First published (updated )
redhat/jenkinsIn Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login…
7.5
First published (updated )
Jenkins Semantic VersioningJenkins Semantic Versioning Plugin 1.13 and earlier does not restrict execution of an controller/age…
6.5
First published (updated )
Jenkins JenkinsJenkins 2.333 and earlier, LTS 2.319.2 and earlier defines custom XStream converters that have not b…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jenkins JenkinsJenkins 2.318 and earlier, LTS 2.303.2 and earlier allows any agent to read and write the contents o…
9.1
First published (updated )
Jenkins JenkinsFilePath#listFiles lists files outside directories with agent read access when following symbolic li…
First published (updated )
Jenkins JenkinsJenkins 2.318 and earlier, LTS 2.303.2 and earlier does not limit agent read/write access to the lib…
9.8
First published (updated )
Jenkins JenkinsFilePath#toURI, FilePath#hasSymlink, FilePath#absolutize, FilePath#isDescendant, and FilePath#get*Di…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jenkins JenkinsCreating symbolic links is possible without the symlink permission.
9.8
First published (updated )
Jenkins JenkinsFilePath#unzip and FilePath#untar were not subject to any access control.
9.1
First published (updated )
Jenkins JenkinsFilePath#reading(FileVisitor) does not reject any operations, allowing users to have unrestricted re…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.