org.jenkins-ci.main:jenkins-core vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2017-2612Mediumorg.jenkins-ci.main:jenkins-core: Incorrect Permission Assignment for Critical Resource in JenkinsCVE-2017-2608Highorg.jenkins-ci.main:jenkins-core: Deserialization of Untrusted Data in JenkinsCVE-2017-2607Mediumorg.jenkins-ci.main:jenkins-core: Improper Neutralization of Input During Web Page Generation in JenkinsCVE-2015-7539Highorg.jenkins-ci.main:jenkins-core: Jenkins does not Verify Checksums for Plugin FilesCVE-2015-7537Highorg.jenkins-ci.main:jenkins-core: Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) AttackCVE-2015-7538Highorg.jenkins-ci.main:jenkins-core: Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) AttackCVE-2015-5323Mediumorg.jenkins-ci.main:jenkins-core: Jenkins allows Administrators to Access API TokensCVE-2015-5318Loworg.jenkins-ci.main:jenkins-core: Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) AttackCVE-2015-5320Mediumorg.jenkins-ci.main:jenkins-core: Jenkins allows Exposure of Sensitive Information to an Unauthorized ActorCVE-2015-5324Mediumorg.jenkins-ci.main:jenkins-core: Jenkins allows Unauthorized Viewing of Queue API InformationCVE-2015-5319Mediumorg.jenkins-ci.main:jenkins-core: Jenkins has XML External Entity (XXE) Vulnerability in Job Configuration via CLICVE-2015-5317Highorg.jenkins-ci.main:jenkins-core: Jenkins discloses project names via fingerprintsCVE-2015-5322Mediumorg.jenkins-ci.main:jenkins-core: Jenkins has Local File Inclusion VulnerabilityCVE-2015-5326Loworg.jenkins-ci.main:jenkins-core: Jenkins allows Cross-Site Scripting (XSS)CVE-2015-5325Mediumorg.jenkins-ci.main:jenkins-core: Jenkins allows Bypass of Access RestrictionsCVE-2015-5321Mediumorg.jenkins-ci.main:jenkins-core: Jenkins has Information Disclosure via Sidepanel WidgetCVE-2017-1000400Mediumorg.jenkins-ci.main:jenkins-core: Missing Authorization in JenkinsCVE-2017-2611Mediumorg.jenkins-ci.main:jenkins-core: Incorrect Authorization in Jenkins CoreCVE-2017-2599Mediumorg.jenkins-ci.main:jenkins-core: Incorrect Authorization in JenkinsCVE-2019-1003004Highorg.jenkins-ci.main:jenkins-core: Improper Authorization in Jenkins CoreCVE-2019-1003003Highorg.jenkins-ci.main:jenkins-core: Improper Authorization in Jenkins CoreCVE-2017-2601Mediumorg.jenkins-ci.main:jenkins-core: Cross-site Scripting in JenkinsCVE-2017-1000353Criticalorg.jenkins-ci.main:jenkins-core: Deserialization of Untrusted Data in JenkinsCVE-2018-1000067Mediumorg.jenkins-ci.main:jenkins-core: Server-Side Request Forgery in JenkinsCVE-2018-1999007Mediumorg.jenkins-ci.main:jenkins-core: Cross-site scripting vulnerability exists in Jenkins and Stapler Plugin

Stop the waste.
Protect your environment with Kodem.