org.jenkins-ci.main:jenkins-core vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2015-1811Highorg.jenkins-ci.main:jenkins-core: XML external entity (XXE) vulnerability in JenkinsCVE-2015-1809Highorg.jenkins-ci.main:jenkins-core: XML external entity (XXE) vulnerability in JenkinsCVE-2019-10384Highorg.jenkins-ci.main:jenkins-core: Cross-Site Request Forgery in JenkinsCVE-2019-10383Mediumorg.jenkins-ci.main:jenkins-core: Improper Neutralization of Input During Web Page Generation in JenkinsCVE-2019-10354Mediumorg.jenkins-ci.main:jenkins-core: Missing Authorization in JenkinsCVE-2019-10352Mediumorg.jenkins-ci.main:jenkins-core: Improper Limitation of a Pathname to a Restricted Directory in JenkinsCVE-2019-10353Highorg.jenkins-ci.main:jenkins-core: Cross-Site Request Forgery in JenkinsCVE-2011-4344Loworg.jenkins-ci.main:jenkins-core: Jenkins allows Cross-Site Scripting (XSS)CVE-2014-2060Mediumorg.jenkins-ci.main:jenkins-core: Jenkins allows Remote Attackers to Hijack SessionsCVE-2013-7330Mediumorg.jenkins-ci.main:jenkins-core: Jenkins allows attackers to configure restricted projectsCVE-2014-2058Mediumorg.jenkins-ci.main:jenkins-core: Jenkins allows attackers to execute arbitrary jobsCVE-2014-2061Mediumorg.jenkins-ci.main:jenkins-core: Jenkin allows attackers to obtain passwords by reading the HTML source codeCVE-2014-2063Mediumorg.jenkins-ci.main:jenkins-core: Jenkins Vulnerable to ClickjackingCVE-2014-2062Mediumorg.jenkins-ci.main:jenkins-core: Jenkins does not invalidate the API token when a user is deletedCVE-2014-2064Mediumorg.jenkins-ci.main:jenkins-core: Jenkins allows attackers to determine whether a user existsCVE-2014-2066Mediumorg.jenkins-ci.main:jenkins-core: Jenkins session fixation vulnerabilityCVE-2014-2065Mediumorg.jenkins-ci.main:jenkins-core: Jenkins cross-site scripting (XSS) vulnerabilityCVE-2014-3661Mediumorg.jenkins-ci.main:jenkins-core: Jenkins Denial of Service vulnerabilityCVE-2014-2068Loworg.jenkins-ci.main:jenkins-core: Jenkins allows attackers to obtain sensitive informationCVE-2015-7536Mediumorg.jenkins-ci.main:jenkins-core: Improper Neutralization of Input During Web Page Generation in JenkinsCVE-2014-3662Mediumorg.jenkins-ci.main:jenkins-core: Jenkins Exposure of Sensitive Information to an Unauthorized Actor vulnerabilityCVE-2014-3663Mediumorg.jenkins-ci.main:jenkins-core: Jenkins allows remote authenticated users to bypass intended restrictions and create or destroy…CVE-2014-3665Mediumorg.jenkins-ci.main:jenkins-core: Jenkins improperly ensures trust separationCVE-2014-3666Mediumorg.jenkins-ci.main:jenkins-core: Jenkins allows for Code Execution via Crafted Packet to the CLICVE-2014-3667Mediumorg.jenkins-ci.main:jenkins-core: Jenkins allows Remote Users to Obtain Sensitive Information from a Plugin Code

Stop the waste.
Protect your environment with Kodem.