org.jenkins-ci.main:jenkins-core vulnerabilities

package manager

View on Maven Repository

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the org.jenkins-ci.main:jenkins-core package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Denial of Service (DoS)	[0,)
M Denial of Service (DoS)	[0,)
H Cross-site Scripting (XSS)	[0,)
H Creation of Temporary File With Insecure Permissions	[0,)
L Information Exposure	[0,)
L Creation of Temporary File With Insecure Permissions	[0,)
M Information Exposure	[0,)
H Cross-site Request Forgery (CSRF)	(,1.480.3) [1.481,1.502)
H Cross-site Request Forgery (CSRF)	(,1.480.3) [1.481,1.502)
H Cross-site Request Forgery (CSRF)	(,1.509.1) [1.510,1.514)
M Cross-site Scripting (XSS)	(,1.502)
M Information Exposure	(,2.204.2) [2.205,2.219)
H Session Fixation	[2.266,2.289.2) [2.292,2.300)
H Improper Authentication	(,2.204.2) [2.205,2.214)
M Information Exposure	(,2.204.2) [2.205,2.219)
M Timing Attack	(,2.204.2) [2.205,2.219)
L Improper Restriction of Rendered UI Layers or Frames	(,2.204.2) [2.205,2.219)
M Timing Attack	(,2.204.2) [2.205,2.219)
M Denial of Service (DoS)	(,2.204.2) [2.205,2.219)
M Incorrect Authorization	[2.266,2.289.2) [2.292,2.300)
M Path Equivalence	(,2.303.2) [2.304,2.315)
M Directory Traversal	(,2.303.2) [2.304,2.315)
M Cross-site Scripting (XSS)	[2.340,2.356)
M Cross-site Scripting (XSS)	[2.320,2.356)
M Cross-site Scripting (XSS)	[2.321,2.356)
M Information Exposure	[2.334,2.356)
H Cross-site Scripting (XSS)	[2.340,2.356)
H Information Exposure	[2.335,2.356)
M Cross-site Scripting (XSS)	(,2.89.4)
H Improper Authorization	(,2.159)
H Cross-site Scripting (XSS)	(,2.370)
M Denial of Service (DoS)	(,2.319.3) [2.320,2.334)
M Cross-site Request Forgery (CSRF)	[2.320,2.330) (,2.319.2)
C Improper Authorization	(,2.303.3) [2.304,2.319)
C Directory Traversal	(,2.303.3) [2.304,2.319)
C Symlink Attack	(,2.303.3) [2.304,2.319)
C Improper Access Control	(,2.303.3) [2.304,2.319)
C Improper Authorization	(,2.303.3) [2.304,2.319)
C Directory Traversal	(,2.303.3) [2.304,2.319)
H Arbitrary Code Injection	(,2.303.3) [2.304,2.319)
C Improper Authorization	(,2.303.3) [2.304,2.319)
M Directory Traversal	(,2.303.3) [2.304,2.319)
M Improper Access Control	(,2.303.3) [2.304,2.319)
M Improper Access Control	(,2.303.3) [2.304,2.319)
C Symlink Attack	(,2.303.3) [2.304,2.319)
M Symlink Attack	(,2.303.3) [2.304,2.319)
L Insufficient Validation	[2.278,2.287) (,2.277.2)
M Improper Validation	[2.278,2.287) (,2.277.2)
M Race Condition	(,2.263.2) [2.270,2.275)
M Denial of Service (DoS)	(,2.263.2) [2.270,2.275)
H Deserialization of Untrusted Data	(,2.263.2) [2.270,2.275)
M Arbitrary File Read	(,2.263.2) [2.270,2.275)
H Cross-site Scripting (XSS)	(,2.263.2) [2.270,2.275)
H Cross-site Scripting (XSS)	(,2.263.2) [2.270,2.275)
M Cross-site Scripting (XSS)	(,2.263.2) [2.270,2.275)
H Directory Traversal	(,2.263.2) [2.270,2.275)
L Access Restriction Bypass	(,2.263.2) [2.270,2.275)
H Cross-site Scripting (XSS)	(,2.263.2) [2.270,2.275)
M Information Exposure	(,2.263.2) [2.270,2.275)
H Cross-site Scripting (XSS)	(,2.252) [2.235.3,2.235.4)
H Cross-site Scripting (XSS)	(,2.252) [2.235.3,2.235.4)
H Cross-site Scripting (XSS)	(,2.252) [2.235.3,2.235.4)
M Cross-site Scripting (XSS)	(,2.176.4) [2.180.0,2.196.1)
M Cross-site Scripting (XSS)	(,2.176.4) [2.180.0,2.196.1)
M Cross-site Scripting (XSS)	[0,2.176.4) [2.180.0,2.196.1)
M Cross-site Scripting (XSS)	(,2.176.4) [2.180.0,2.190.1)
H Denial of Service (DoS)	[0,2.73.2) [2.83,2.83.1)
M Cross-site Scripting (XSS)	[0,2.176.4) [2.180.0,2.196.1)
M Information Exposure	(,2.176.4) [2.180.0,2.196.1)
H Cross-site Scripting (XSS)	(,2.245)
H Cross-site Scripting (XSS)	(,2.245)
H Cross-site Scripting (XSS)	(,2.245)
H Cross-site Scripting (XSS)	(,2.245)
M Cross-site Scripting (XSS)	(,2.228)
M Cross-site Scripting (XSS)	(,2.228)
H Cross-site Request Forgery (CSRF)	(,2.228)
M Cross-site Scripting (XSS)	(,2.228)
M Cross-site Scripting (XSS)	(,2.176.2) [2.177,2.192)
H Protection Bypass	(,2.176.2) [2.177,2.192)
H Cross Site Request Forgery (CSRF)	[2.180,2.186) (,2.176.2)
M Directory Traversal	(,2.176.2) [2.177,2.186)
M Access Control Bypass	(,2.176.2) [2.177,2.186)
H Authorization Bypass	[2.150,2.160) [2.150.1,2.150.2)
M Authentication Bypass	(,2.164.2) (,2.172)
M Cross-site Scripting (XSS)	(,2.164.2) (,2.172)
M Directory Traversal	(,2.138.2) [2.140,2.146)
M Cross-site Scripting (XSS)	(,2.138.2) [2.140,2.146)
M Arbitrary File Write	(,2.138.2) [2.140,2.146)
L Information Exposure	(,2.138.2) [2.140,2.146)
M Ephemeral User Record Creation	(,2.138.2) [2.140,2.146)
M Session Fixation	(,2.138.2) [2.140,2.146)
M Information Exposure	(,2.138.4) [2.140,2.149] [2.150,2.150.1) [2.153,2.154)
M Modification of Assumed-Immutable Data (MAID)	(,2.138.4) [2.140,2.149] [2.150,2.150.1) [2.153,2.154)
C Arbitrary Code Execution	(,2.138.4) [2.140,2.150.1) [2.153,2.154)
M Denial of Service (DoS)	(,2.138.4) [2.150,2.154)
M Information Exposure	(,1.625.2) [1.630,1.638)
L Arbitrary Code Execution	[1.509.0,1.509.1) [1.510,1.514)
M Arbitrary Code Execution	(,1.587)
L Information Exposure	(,1.480.2) [1.490,1.498)
M Improper Authorization	(,2.121.3) [2.130,2.138)
M Information Exposure	(,2.121.3) [2.130,2.138)
M Authentication Bypass	(,2.121.3) [2.130,2.138)
M Denial of Service (DoS)	(,2.121.3) [2.130,2.138)
H Denial of Service (DoS)	(,2.121.3) [2.130,2.138)
M Deserialization of Untrusted Data	(,2.121.3) [2.130,2.138)
M Cross-site Scripting (XSS)	(,2.121.2) [2.130,2.133)
M Information Exposure	(,2.121.2) [2.130,2.133)
M Cross-site Scripting (XSS)	(,2.121.2) [2.130,2.133)
M Improper Authorization	(,2.121.2) [2.130,2.133)
M Insufficient Permission Check	(,2.121.2) [2.130,2.133)
H Authentication Bypass	(,2.121.2) [2.130,2.133)
H Arbitrary File Read	(,2.121.2) [2.130,2.133)
M User Impersonation	(,2.107.3) [2.120,2.121)
M Information Exposure	(,2.107.3) [2.120,2.121)
M Server-Side Request Forgery (SSRF)	(,2.107.3) [2.120,2.121)
H Directory Traversal	(,2.107.3) [2.120,2.121)
M Arbitrary File Write via Archive Extraction (Zip Slip)	(,2.120)
M Information Exposure	(,2.32.2) [2.40,2.44)
M Session Hijacking	(,1.532.2)
M Access Restriction Bypass	(,1.532.2)
M Access Restriction Bypass	(,1.532.2)
M Cross-site Scripting (XSS)	(,1.532.2)
M Directory Traversal	(,1.532.2)
M Information Exposure	(,1.532.2)
L Information Exposure	(,1.532.2)
L Cross-site Scripting (XSS)	(,1.532.2)
H Clickjacking	(,1.532.2)
M Privilege Escalation	(,1.596.1)
M Information Exposure	(,1.565.3)
M Cross-site Scripting (XSS)	(,1.596.2) [1.600,1.606)
M Arbitrary Code Execution	(,1.596.1)
H Privilege Escalation	(,1.596.2) [1.600,1.606)
M Man-in-the-Middle (MitM)	(,1.586)
M Information Exposure	(,1.565.3)
M Information Exposure	(,1.586)
M Cross-site Scripting (XSS)	(,1.565.3)
M Directory Traversal	(,1.565.3)
M Privilege Escalation	(,1.565.3)
M Information Exposure	(,1.565.3)
L Denial of Service (DoS)	(,1.596.1)
L Directory Traversal	(,1.596.1)
M Cross-site Scripting (XSS)	(,1.596.2) [1.600,1.606)
H Arbitrary Code Execution	(,1.565.3)
M Denial of Service (DoS)	(,1.565.3)
M Information Exposure	(,2.32.2) [2.40,2.44)
M Information Exposure	(,2.32.2) [2.40,2.44)
M Cross-site Scripting (XSS)	(,2.32.2) [2.40,2.44)
M Cross-site Request Forgery (CSRF)	(,1.625.2) [1.630,1.638)
M XML External Entity (XXE) Injection	(,1.625.2) [1.630,1.638)
M Directory Traversal	(,1.625.2) [1.630,1.638)
M Access Restriction Bypass	(,1.625.2) [1.630,1.638)
M Cross-site Scripting (XSS)	(,1.625.2) [1.630,1.638)
M Information Exposure	(,1.625.2) [1.630,1.638)
H Improper Access Control	(,1.625.2) [1.630,1.638)
M Information Exposure	(,1.625.2) [1.630,1.638)
M Cross-site Request Forgery (CSRF)	(,2.32.2) [2.40,2.44)
M Privilege Escalation	(,2.32.2) [2.40,2.44)
H Deserialization of Untrusted Data	(,2.32.2) [2.40,2.44)
M Insufficient Permission Validation	(,2.32.2) [2.40,2.44)
L Information Exposure	(,2.32.2) [2.40,2.44)
M Arbitrary File Overwrite	(,2.32.2) [2.40,2.44)
M Cross-site Scripting (XSS)	(,2.32.2) (,2.44)
H Cross-site Request Forgery (CSRF)	(,1.625.3) [1.630,1.641)
C Arbitrary Code Execution	(,1.642.2) [1.643.0,1.650)
M Information Exposure	(,2.32.2) [2.40,2.44)
M Timing Attacks	(,1.642.2) [1.643,1.650)
M HTTP Response Splitting	(,1.642.2) [1.643.0,1.650)
C Timing Attack	(,1.642.2) [1.643,1.650)
H Arbitrary Code Execution	(,1.625.3) [1.630,1.641)
H Arbitrary Code Execution	(,1.642.2) [1.643.0,1.650)
M Insufficient Permission Validation	(,2.32.2) [2.4,2.44)
H Arbitrary Code Execution	(,1.625.2) [1.630,1.638)
M Arbitrary Code Injection	(,1.651.2) [2.0,2.3)
M Information Exposure	(,1.651) [2.0.0,2.3)
H Open Redirect	(,1.651.1) [2.0.0,2.3)
M Information Exposure	(,1.651.2) [2.0.0,2.3)
M Information Exposure	(,1.651.2) [2.0,2.3)
M Authentication Bypass	(,1.651.2) [2.0,2.3)
M Denial of Service (DoS)	(,1.651.2) [2.0,2.3)
C Arbitrary Code Execution	(,2.19.3) [2.30,2.32)
M Cross-site Scripting (XSS)	[2.110,2.116) [2.107.0,2.107.2)
M Information Exposure	(,2.107.2)
M Insufficient Permission Validation	(,2.32.2) [2.40,2.44)
M Deserialization of Untrusted Data	(,2.46.2) [2.50,2.57)
H Cross-Site Request Forgery (CSRF)	(,2.46.2) [2.50,2.57)
H Directory Traversal	(,2.73.3) [2.80,2.89)
H Arbitrary Shell Command Execution	(,2.73.2) [2.80,2.83)
M Information Exposure	(,2.73.2) [2.80,2.84)
M Man-in-the-Middle (MitM)	(,2.73.2) [2.80,2.84)
M Information Exposure	(,2.73.2) [2.80,2.84)
M Information Exposure	(,2.73.2) [2.80,2.84)
M Information Exposure	(,2.73.2)
H Authentication Bypass	(,2.46.2) [2.50,2.57)
C Information Exposure	(,2.32.2) [2.40,2.44)
C Deserialization of Untrusted Data	(,2.46.2) [2.50,2.57)
L Information Exposure	(,2.73.2)
H Insecure Initialization	(,2.89.2) [2.90,2.95)
H Cross-site Request Forgery (CSRF)	(,2.89.2) [2.90,2.95)
M Server-Side Request Forgery (SSRF)	(,2.89.4)
M Improper Input Validation	(,2.89.4]
M Directory Traversal	(,2.89.4)

org.jenkins-ci.main:jenkins-core vulnerabilities

package manager

Direct Vulnerabilities