org.jenkins-ci.main:jenkins-core
Maven · 241 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting org.jenkins-ci.main:jenkins-core (page 5 of 5)
- CVE-2021-21694 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 2.319 | 2021-11-04
vulnerable: 2.304 ... 2.318 (14 versions)
FilePath#toURI, FilePath#hasSymlink, FilePath#absolutize, FilePath#isDescendant, and FilePath#get*DiskSpace do not check any permissions in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier.
- CVE-2021-21695 | HIGH | CVSS 8.8 | EG 8.8 | ✓ Fixed in 2.319 | 2021-11-04
vulnerable: 2.304 ... 2.318 (14 versions)
FilePath#listFiles lists files outside directories that agents are allowed to access when following symbolic links in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier.
- CVE-2021-21696 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 2.319 | 2021-11-04
vulnerable: 2.304 ... 2.318 (14 versions)
Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not limit agent read/write access to the libs/ directory inside build directories when using the FilePath APIs, allowing attackers in control of agent processes to replace the code of…
- CVE-2021-21697 | CRITICAL | CVSS 9.1 | EG 9.1 | ✓ Fixed in 2.319 | 2021-11-04
vulnerable: 2.304 ... 2.318 (14 versions)
Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allows any agent to read and write the contents of any build directory stored in Jenkins with very few restrictions.
- CVE-2022-0538 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 2.319.3 | 2022-02-09
vulnerable: 1.396 ... 2.99 (726 versions)
Jenkins 2.333 and earlier, LTS 2.319.2 and earlier defines custom XStream converters that have not been updated to apply the protections for the vulnerability CVE-2021-43859 and allow unconstrained resource usage.
- CVE-2022-20612 | MEDIUM | CVSS 4.3 | EG 4.3 | ✓ Fixed in 2.319.2 | 2022-01-12
vulnerable: 1.396 ... 2.99 (725 versions)
A cross-site request forgery (CSRF) vulnerability in Jenkins 2.329 and earlier, LTS 2.319.1 and earlier allows attackers to trigger build of job without parameters when no security realm is set.
- CVE-2022-34170 | MEDIUM | CVSS 5.4 | EG 5.4 | ✓ Fixed in 2.346.1 | 2022-06-23
vulnerable: 2.346
In Jenkins 2.320 through 2.355 (both inclusive) and LTS 2.332.1 through LTS 2.332.3 (both inclusive) the help icon does not escape the feature name that is part of its tooltip, effectively undoing the fix for SECURITY-1955, resulting in a …
- CVE-2022-34171 | MEDIUM | CVSS 5.4 | EG 5.4 | ✓ Fixed in 2.332.4 | 2022-06-23
vulnerable: 1.396 ... 2.99 (743 versions)
In Jenkins 2.321 through 2.355 (both inclusive) and LTS 2.332.1 through LTS 2.332.3 (both inclusive) the HTML output generated for new symbol-based SVG icons includes the 'title' attribute of 'l:ionicon' (until Jenkins 2.334) and 'alt' att…
- CVE-2022-34172 | MEDIUM | CVSS 5.4 | EG 5.4 | ✓ Fixed in 2.332.4 | 2022-06-23
vulnerable: 2.332, 2.332.1, 2.332.2, 2.332.3
In Jenkins 2.340 through 2.355 (both inclusive) symbol-based icons unescape previously escaped values of 'tooltip' parameters, resulting in a cross-site scripting (XSS) vulnerability.
- CVE-2022-34173 | MEDIUM | CVSS 5.4 | EG 5.4 | ✓ Fixed in 2.356 | 2022-06-23
vulnerable: 2.340 ... 2.355 (16 versions)
In Jenkins 2.340 through 2.355 (both inclusive) the tooltip of the build button in list views supports HTML without escaping the job display name, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Co…
- CVE-2022-34174 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 2.332.4 | 2022-06-23
vulnerable: 1.396 ... 2.99 (743 versions)
In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, w…
- CVE-2022-34175 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 2.356 | 2022-06-23
vulnerable: 2.335 ... 2.355 (21 versions)
Jenkins 2.335 through 2.355 (both inclusive) allows attackers in some cases to bypass a protection mechanism, thereby directly accessing some view fragments containing sensitive information, bypassing any permission checks in the correspon…
- CVE-2022-41224 | MEDIUM | CVSS 5.4 | EG 5.4 | ✓ Fixed in 2.370 | 2022-09-21
vulnerable: 2.367, 2.368, 2.369
Jenkins 2.367 through 2.369 (both inclusive) does not escape tooltips of the l:helpIcon UI component used for some help icons on the Jenkins web UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers ab…
- CVE-2023-27898 | CRITICAL | CVSS 9.6 | EG 9.6 | ✓ Fixed in 2.375.4 | 2023-03-10
vulnerable: 1.396 ... 2.99 (794 versions)
Jenkins 2.270 through 2.393 (both inclusive), LTS 2.277.1 through 2.375.3 (both inclusive) does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jen…
- CVE-2023-27899 | HIGH | CVSS 7.0 | EG 7.0 | ✓ Fixed in 2.394 | 2023-03-10
vulnerable: 2.388 ... 2.393 (6 versions)
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a plugin for installation, potentially allowing attackers wi…
- CVE-2023-27900 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 2.387.1 | 2023-03-10
vulnerable: 2.376 ... 2.387 (12 versions)
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in hudson.util.MultipartFormDataParser, al…
- CVE-2023-27901 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 2.387.1 | 2023-03-10
vulnerable: 2.376 ... 2.387 (12 versions)
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in org.kohsuke.stapler.RequestImpl, allowi…
- CVE-2023-27902 | MEDIUM | CVSS 4.3 | EG 4.3 | ✓ Fixed in 2.394 | 2023-03-10
vulnerable: 2.388 ... 2.393 (6 versions)
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier shows temporary directories related to job workspaces, which allows attackers with Item/Workspace permission to access their contents.
- CVE-2023-27903 | MEDIUM | CVSS 4.4 | EG 4.4 | ✓ Fixed in 2.394 | 2023-03-10
vulnerable: 2.388 ... 2.393 (6 versions)
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a file parameter through the CLI, potentially allowing attac…
- CVE-2023-27904 | MEDIUM | CVSS 5.3 | EG 5.3 | ✓ Fixed in 2.394 | 2023-03-10
vulnerable: 2.388 ... 2.393 (6 versions)
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error stack trace on agent-related pages when agent connections are broken, potentially revealing information about Jenkins configuration that is otherwise inaccessible to attack…
- CVE-2023-35141 | HIGH | CVSS 8.0 | EG 8.0 | ✓ Fixed in 2.400 | 2023-06-14
vulnerable: 1.396 ... 2.99 (822 versions)
In Jenkins 2.399 and earlier, LTS 2.387.3 and earlier, POST requests are sent in order to load the list of context actions. If part of the URL includes insufficiently escaped user-provided values, a victim may be tricked into sending a POS…
- CVE-2023-39151 | MEDIUM | CVSS 5.4 | EG 5.4 | ✓ Fixed in 2.416 | 2023-07-26
vulnerable: 2.415
Jenkins 2.415 and earlier, LTS 2.401.2 and earlier does not sanitize or properly encode URLs in build logs when transforming them into hyperlinks, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able…
- CVE-2023-43494 | MEDIUM | CVSS 4.3 | EG 4.3 | ✓ Fixed in 2.424 | 2023-09-20
vulnerable: 2.415 ... 2.423 (9 versions)
Jenkins 2.50 through 2.423 (both inclusive), LTS 2.60.1 through 2.414.1 (both inclusive) does not exclude sensitive build variables (e.g., password parameter values) from the search in the build history widget, allowing attackers with Item…
- CVE-2023-43495 | MEDIUM | CVSS 5.4 | EG 5.4 | ✓ Fixed in 2.424 | 2023-09-20
vulnerable: 2.415 ... 2.423 (9 versions)
Jenkins 2.423 and earlier, LTS 2.414.1 and earlier does not escape the value of the 'caption' constructor parameter of 'ExpandableDetailsNote', resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to…
- CVE-2023-43496 | HIGH | CVSS 8.8 | EG 8.8 | ✓ Fixed in 2.424 | 2023-09-20
vulnerable: 2.415 ... 2.423 (9 versions)
Jenkins 2.423 and earlier, LTS 2.414.1 and earlier creates a temporary file in the system temporary directory with the default permissions for newly created files when installing a plugin from a URL, potentially allowing attackers with acc…
- CVE-2023-43497 | HIGH | CVSS 8.1 | EG 8.1 | ✓ Fixed in 2.424 | 2023-09-20
vulnerable: 2.415 ... 2.423 (9 versions)
In Jenkins 2.423 and earlier, LTS 2.414.1 and earlier, processing file uploads using the Stapler web framework creates temporary files in the default system temporary directory with the default permissions for newly created files, potentia…
- CVE-2023-43498 | HIGH | CVSS 8.1 | EG 8.1 | ✓ Fixed in 2.424 | 2023-09-20
vulnerable: 2.415 ... 2.423 (9 versions)
In Jenkins 2.423 and earlier, LTS 2.414.1 and earlier, processing file uploads using MultipartFormDataParser creates temporary files in the default system temporary directory with the default permissions for newly created files, potentiall…
- CVE-2024-23897 | CRITICAL | CVSS 9.8 | EG 9.8 | ⚠ KEV | ✓ Fixed in 2.442 | 2024-01-24
vulnerable: 2.441
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to r…
- CVE-2024-23898 | HIGH | CVSS 8.8 | EG 8.8 | 2024-01-24
vulnerable: 2.441
Jenkins 2.217 through 2.441 (both inclusive), LTS 2.222.1 through 2.426.2 (both inclusive) does not perform origin validation of requests made through the CLI WebSocket endpoint, resulting in a cross-site WebSocket hijacking (CSWSH) vulner…
- CVE-2024-43044 | HIGH | CVSS 8.8 | EG 8.8 | ✓ Fixed in 2.471 | 2024-08-07
vulnerable: 2.470
Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the `ClassLoaderProxy#fetchJar` method in the Remoting library.
- CVE-2024-43045 | MEDIUM | CVSS 6.3 | EG 6.3 | ✓ Fixed in 2.471 | 2024-08-07
vulnerable: 2.470
Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views".
- CVE-2024-47803 | MEDIUM | CVSS 4.3 | EG 4.3 | ✓ Fixed in 2.479 | 2024-10-02
vulnerable: 2.466 ... 2.478 (13 versions)
Jenkins 2.478 and earlier, LTS 2.462.2 and earlier does not redact multi-line secret values in error messages generated for form submissions involving the `secretTextarea` form field.
- CVE-2024-47804 | MEDIUM | CVSS 4.3 | EG 4.3 | ✓ Fixed in 2.479 | 2024-10-02
vulnerable: 2.466 ... 2.478 (13 versions)
If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and ear…
- CVE-2025-27622 | MEDIUM | CVSS 4.3 | EG 4.3 | ✓ Fixed in 2.500 | 2025-03-05
vulnerable: 2.493 ... 2.499 (7 versions)
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing `config.xml` of agents via REST API or CLI, allowing attackers with Agent/Extended Read permission to view encrypted values of se…
- CVE-2025-27623 | MEDIUM | CVSS 4.3 | EG 4.3 | ✓ Fixed in 2.492.2 | 2025-03-05
vulnerable: 1.396 ... 2.99 (936 versions)
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing `config.xml` of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets.
- CVE-2025-27625 | MEDIUM | CVSS 4.3 | EG 4.3 | ✓ Fixed in 2.492.2 | 2025-03-05
vulnerable: 1.396 ... 2.99 (936 versions)
In Jenkins 2.499 and earlier, LTS 2.492.1 and earlier, redirects starting with backslash (`\`) characters are considered safe, allowing attackers to perform phishing attacks by having users go to a Jenkins URL that will forward them to a d…
- CVE-2025-31720 | MEDIUM | CVSS 4.3 | EG 4.3 | ✓ Fixed in 2.504 | 2025-04-02
vulnerable: 2.500, 2.501, 2.502, 2.503
A missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers with Computer/Create permission but without Computer/Extended Read permission to copy an agent, gaining access to its configuration.
- CVE-2025-59476 | MEDIUM | CVSS 5.3 | EG 5.3 | ✓ Fixed in 2.516.3 | 2025-09-17
vulnerable: 1.396 ... 2.99 (967 versions)
Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not restrict or transform the characters that can be inserted from user-specified content in log messages, allowing attackers able to control log message contents to insert line break…
- CVE-2025-67635 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 2.541 | 2025-12-10
vulnerable: 2.529 ... 2.540 (12 versions)
Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not properly close HTTP-based CLI connections when the connection stream becomes corrupted, allowing unauthenticated attackers to cause a denial of service.
- CVE-2025-67637 | MEDIUM | CVSS 4.3 | EG 4.3 | ✓ Fixed in 2.541 | 2025-12-10
vulnerable: 2.529 ... 2.540 (12 versions)
Jenkins 2.540 and earlier, LTS 2.528.2 and earlier stores build authorization tokens unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkin…
- CVE-2025-67638 | MEDIUM | CVSS 4.3 | EG 4.3 | ✓ Fixed in 2.541 | 2025-12-10
vulnerable: 2.529 ... 2.540 (12 versions)
Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not mask build authorization tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them.