VIR Vulnerability Intelligence Relay

Package impact

java Maven / org.jenkins-ci.main:jenkins-core

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2016-9299 critical 9.8 10.0 10y ago Improper Neutralization of Special Elements used in an LDAP Query in Jenkins
CVE-2017-1000362 critical 9.8 9.8 9y ago Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
CVE-2016-0792 high 8.8 9.8 10y ago Jenkins allows Deserialization of Untrusted Data via an XML File
CVE-2016-0791 critical 9.8 9.8 10y ago Exposure of Sensitive Information in Jenkins Core
CVE-2016-0788 critical 9.8 9.8 10y ago Jenkins allows Execution of Code by Opening a JRMP Listener
CVE-2021-21686 critical 9.5 4y ago multiple issues in jenkins
CVE-2021-21689 critical 9.5 4y ago multiple issues in jenkins
CVE-2021-21687 critical 9.5 4y ago multiple issues in jenkins
CVE-2021-21685 critical 9.5 4y ago multiple issues in jenkins
CVE-2021-21688 critical 9.5 4y ago multiple issues in jenkins
CVE-2021-21694 critical 9.5 4y ago multiple issues in jenkins
CVE-2021-21690 critical 9.5 4y ago multiple issues in jenkins
CVE-2021-21693 critical 9.5 4y ago multiple issues in jenkins
CVE-2021-21692 critical 9.5 4y ago multiple issues in jenkins
CVE-2021-21691 critical 9.5 4y ago multiple issues in jenkins
CVE-2021-21697 critical 9.5 4y ago multiple issues in jenkins
CVE-2021-21695 critical 9.5 4y ago multiple issues in jenkins
CVE-2021-21696 critical 9.5 4y ago multiple issues in jenkins
CVE-2018-1999002 high 9.0 4y ago multiple issues in jenkins
CVE-2015-7538 high 8.8 8.8 11y ago Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) Attack
CVE-2015-7537 high 8.8 8.8 11y ago Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) Attack
CVE-2021-21671 high 8.0 4y ago multiple issues in jenkins
CVE-2021-21670 high 8.0 4y ago multiple issues in jenkins
CVE-2021-21611 high 8.0 4y ago multiple issues in jenkins
CVE-2021-21607 high 8.0 4y ago multiple issues in jenkins
CVE-2021-21605 high 8.0 4y ago multiple issues in jenkins
CVE-2021-21610 high 8.0 4y ago multiple issues in jenkins
CVE-2021-21609 high 8.0 4y ago multiple issues in jenkins
CVE-2021-21606 high 8.0 4y ago multiple issues in jenkins
CVE-2021-21602 high 8.0 4y ago multiple issues in jenkins
CVE-2021-21604 high 8.0 4y ago multiple issues in jenkins
CVE-2021-21608 high 8.0 4y ago multiple issues in jenkins
CVE-2021-21603 high 8.0 4y ago multiple issues in jenkins
CVE-2019-10353 high 8.0 4y ago Cross-Site Request Forgery in Jenkins
CVE-2019-10352 high 8.0 4y ago Improper Limitation of a Pathname to a Restricted Directory in Jenkins
CVE-2019-10354 high 8.0 4y ago Missing Authorization in Jenkins
CVE-2017-1000355 high 8.0 4y ago multiple issues in jenkins
CVE-2017-1000356 high 8.0 4y ago multiple issues in jenkins
CVE-2017-1000354 high 8.0 4y ago multiple issues in jenkins
CVE-2018-1999006 high 8.0 4y ago multiple issues in jenkins
CVE-2018-1999004 high 8.0 4y ago multiple issues in jenkins
CVE-2018-1999007 high 8.0 4y ago multiple issues in jenkins
CVE-2018-1999005 high 8.0 4y ago multiple issues in jenkins
CVE-2018-1999001 high 8.0 4y ago multiple issues in jenkins
CVE-2018-1999003 high 8.0 4y ago multiple issues in jenkins
CVE-2015-7539 high 7.5 7.5 11y ago Jenkins does not Verify Checksums for Plugin Files
CVE-2015-5325 high 7.5 11y ago Jenkins allows Bypass of Access Restrictions
CVE-2015-1814 high 7.5 11y ago Jenkins allows for Privilege Escalation by Remote Authenticated Users
CVE-2014-2063 high 7.5 12y ago Jenkins Vulnerable to Clickjacking
CVE-2014-3666 high 7.5 12y ago Jenkins allows for Code Execution via Crafted Packet to the CLI
CVE-2013-0329 high 7.5 13y ago Jenkins Cross-Site Request Forgery vulnerability
CVE-2016-3726 high 7.4 7.4 10y ago Jenkins affected by Open Redirect Vulnerability
CVE-2015-5318 medium 6.8 11y ago Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) Attack
CVE-2014-3665 medium 6.8 11y ago Jenkins improperly ensures trust separation
CVE-2014-2066 medium 6.8 12y ago Jenkins session fixation vulnerability
CVE-2013-2034 medium 6.8 12y ago Jenkins Cross-Site Request Forgery vulnerabilities
CVE-2013-0327 medium 6.8 13y ago Jenkins Cross-Site Request Forgery vulnerability
CVE-2016-3724 medium 6.5 6.5 10y ago Jenkins Exposes Sensitive Information from Job Configuration
CVE-2015-5323 medium 6.5 11y ago Jenkins allows Administrators to Access API Tokens
CVE-2015-1806 medium 6.5 11y ago Jenkins allows for Privilege Escalation by Remote Authenticated Users
CVE-2014-2062 medium 6.5 12y ago Jenkins does not invalidate the API token when a user is deleted
CVE-2014-2058 medium 6.5 12y ago Jenkins allows attackers to execute arbitrary jobs
CVE-2014-2059 medium 6.5 12y ago Jenkins directory traversal vulnerability
CVE-2016-0789 medium 6.1 6.1 10y ago Jenkins has CRLF Injection Vulnerability in the CLI
CVE-2014-3663 medium 6.0 12y ago Jenkins allows remote authenticated users to bypass intended restrictions and create or destroy arbitrary jobs
CVE-2012-6073 medium 5.8 14y ago Jenkins affected by Open Redirect Vulnerability
CVE-2021-21683 medium 5.5 4y ago Path traversal vulnerability on Windows in Jenkins
CVE-2021-21682 medium 5.5 4y ago Improper handling of equivalent directory names on Windows in Jenkins
CVE-2021-21639 medium 5.5 4y ago Lack of type validation in agent related REST API in Jenkins
CVE-2021-21640 medium 5.5 4y ago View name validation bypass in Jenkins
CVE-2021-21615 medium 5.5 4y ago Time-of-check Time-of-use (TOCTOU) Race Condition in Jenkins
CVE-2019-10384 medium 5.5 4y ago multiple issues in jenkins
CVE-2019-10383 medium 5.5 4y ago multiple issues in jenkins
CVE-2018-1999043 medium 5.5 4y ago Missing Release of Resource after Effective Lifetime in Jenkins
CVE-2019-1003050 medium 5.5 4y ago multiple issues in jenkins
CVE-2019-1003049 medium 5.5 4y ago multiple issues in jenkins
CVE-2015-7536 medium 5.4 5.4 11y ago Improper Neutralization of Input During Web Page Generation in Jenkins
CVE-2014-9635 medium 5.3 5.3 9y ago Jenkins HttpOnly flag not Set for session cookies
CVE-2014-9634 medium 5.3 5.3 9y ago Jenkins secure flag not set on session cookies
CVE-2016-0790 medium 5.3 5.3 10y ago Exposure of Sensitive Information in Jenkins Core
CVE-2013-5573 medium 5.3 13y ago Jenkins allows Cross-Site Scripting (XSS) in User Configuration
CVE-2015-5324 medium 5.0 11y ago Jenkins allows Unauthorized Viewing of Queue API Information
CVE-2015-5322 medium 5.0 11y ago Jenkins has Local File Inclusion Vulnerability
CVE-2015-5321 medium 5.0 11y ago Jenkins has Information Disclosure via Sidepanel Widget
CVE-2015-5320 medium 5.0 11y ago Jenkins allows Exposure of Sensitive Information to an Unauthorized Actor
CVE-2015-5319 medium 5.0 11y ago Jenkins has XML External Entity (XXE) Vulnerability in Job Configuration via CLI
CVE-2014-2064 medium 5.0 12y ago Jenkins allows attackers to determine whether a user exists
CVE-2014-2061 medium 5.0 12y ago Jenkin allows attackers to obtain passwords by reading the HTML source code
CVE-2014-2060 medium 5.0 12y ago Jenkins allows Remote Attackers to Hijack Sessions
CVE-2014-3662 medium 5.0 12y ago Jenkins Exposure of Sensitive Information to an Unauthorized Actor vulnerability
CVE-2014-3661 medium 5.0 12y ago Jenkins Denial of Service vulnerability
CVE-2017-17383 medium 4.7 4.7 9y ago Cross-site Scripting in Jenkins Core
CVE-2015-1810 medium 4.6 11y ago Jenkins does not Restrict Reserved Names Allowing for Privilege Escalation
CVE-2016-3727 medium 4.3 4.3 10y ago Jenkins Exposes Sensitive Information via API URL
CVE-2016-3725 medium 4.3 4.3 10y ago Missing permissions check in Jenkins Core
CVE-2016-3723 medium 4.3 4.3 10y ago Exposure of Sensitive Information in Jenkins Core
CVE-2016-3722 medium 4.3 4.3 10y ago Incorrect Authorization in Jenkins Core
CVE-2016-3721 medium 4.3 4.3 10y ago Jenkins allows Remote Users to Inject Build Parameters
CVE-2015-5326 medium 4.3 11y ago Jenkins allows Cross-Site Scripting (XSS)
CVE-2015-1813 medium 4.3 11y ago Jenkins allows Cross-Site Scripting (XSS)