Filters
Versions
2.303.2
5
2.318
5
1.625.1
4
2.235.1
4
2.244
4
1.639
3
2.355
3
2.121.1
2
2.122
2
2.132
2
2.150.1
2
2.235.3
2
2.251
2
2.263.1
2
2.274
2
2.332.3
2
2.46.1
2
2.56
2
2.89.1
2
2.94
2
1.480.2
1
1.501
1
1.532.1
1
1.550
1
1.565.2
1
1.582
1
1.596.1
1
1.605
1
1.637
1
1.651.1
1
2.107.2
1
2.120
1
2.121.2
1
2.137
1
2.138.1
1
2.138.3
1
2.145
1
2.153
1
2.158
1
2.159
1
2.164.1
1
2.171
1
2.176.1
1
2.176.2
1
2.185
1
2.191
1
2.2
1
2.204.1
1
2.204.5
1
2.217
1
2.218
1
2.222.1
1
2.227
1
2.266
1
2.277.1
1
2.320
1
2.332.1
1
2.335
1
2.367
1
2.369
1
2.401.2
1
2.414.2
1
2.415
1
2.426.2
1
2.427
1
2.44
1
2.441
1
2.442
1
2.73.1
1
2.73.2
1
2.81
1
2.83
1
2.88
1
lts 2.426.3
1
Jenkins JenkinsJenkins 2.217 through 2.441 (both inclusive), LTS 2.222.1 through 2.426.2 (both inclusive) does not …
8.8
EPSS
0.09%
First published (updated )
maven/org.eclipse.jetty.http2:http2-hpackHTTP/2 HPACK integer overflow and buffer allocation
7.5
First published (updated )
Apache Tomcat- Rapid Reset HTTP/2 vulnerability
First published (updated )
Jenkins JenkinsIn Jenkins 2.423 and earlier, LTS 2.414.1 and earlier, processing file uploads using MultipartFormDa…
8.1
First published (updated )
maven/org.jenkins-ci.main:jenkins-coreMalicious File Upload
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jenkins JenkinsJenkins weekly and LTS could allow a local authenticated attacker to execute arbitrary code on the s…
8.8
First published (updated )
maven/org.jenkins-ci.main:jenkins-coreJenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library withou…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/jenkinsA flaw was found in Jenkins. Jenkins creates a temporary file when a plugin is uploaded from an admi…
7
First published (updated )
maven/org.jenkins-ci.main:jenkins-coreJenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library withou…
7.5
First published (updated )
Jenkins KatalonJenkins Katalon Plugin 1.0.32 and earlier implements an agent/controller message that does not limit…
8.8
First published (updated )
Jenkins Compuware Topaz For Total TestJenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller messa…
7.5
First published (updated )
Jenkins Compuware Topaz For Total TestJenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller messa…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jenkins Compuware Zadviser ApiJenkins Compuware zAdviser API Plugin 1.0.3 and earlier does not restrict execution of a controller/…
8.2
First published (updated )
Jenkins Compuware Ispw OperationsJenkins Compuware ISPW Operations Plugin 1.0.8 and earlier does not restrict execution of a controll…
8.2
First published (updated )
maven/org.eclipse.jetty.http2:http2-serverA flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a …
7.5
First published (updated )
Jenkins JenkinsJenkins 2.335 through 2.355 (both inclusive) allows attackers in some cases to bypass a protection m…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.jenkins-ci.main:jenkins-coreXSS, Path Traversal
8
First published (updated )
redhat/jenkinsIn Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login…
7.5
First published (updated )
Jenkins JenkinsJenkins 2.333 and earlier, LTS 2.319.2 and earlier defines custom XStream converters that have not b…
7.5
First published (updated )
redhat/jenkinsJenkins 2.299 and earlier, LTS 2.289.1 and earlier does not invalidate the previous session on login…
7.5
First published (updated )
maven/org.eclipse.jetty:jetty-serverIn Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage ca…
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/jenkinsJenkins 2.274 and earlier, LTS 2.263.1 and earlier allows attackers with permission to create or con…
8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cloudbees JenkinsHash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins…
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jenkins JenkinsJenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in th…
8.6
First published (updated )
Jenkins JenkinsUsers who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 …
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jenkins JenkinsAn improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier…
7.2
First published (updated )
Jenkins JenkinsAn improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier…
7.2
First published (updated )
maven/org.jenkins-ci.main:jenkins-corePath Traversal
8.2
First published (updated )
Jenkins JenkinsA denial of service vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in BasicA…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.jenkins-ci.main:jenkins-coreInput Validation
7.5
First published (updated )
maven/org.jenkins-ci.main:jenkins-coreInput Validation
8.8
First published (updated )
Jenkins JenkinsJenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to a login comman…
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.