org.jenkins-ci.main:jenkins-core vulnerabilities

package manager

View on Maven Repository

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the org.jenkins-ci.main:jenkins-core package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Incorrect Authorization	[,2.462.3) [2.466,2.479)
M Information Exposure Through an Error Message	[,2.462.3) [2.466,2.479)
M Improper Access Control	[,2.471)
M Arbitrary File Read	[,2.452.4) [2.460,2.462.1) [2.470,2.471)
M Authentication Bypass by Capture-replay	[,2.440.3) [2.441,2.452)
M Access Restriction Bypass	[,1.480.3) [1.481,1.502)
H Exposure of Sensitive Information to an Unauthorized Actor	[,1.532.2) [1.533,1.551)
H Resource Exhaustion	[,1.424.2) [1.425,1.447)
H XML External Entity (XXE) Injection	[,1.596.1) [1.597,1.600)
H XML External Entity (XXE) Injection	[,1.596.1) [1.597,1.600)
C Improper Access Control	[,2.426.3) [2.427,2.440.1) [2.441,2.442)
H Origin Validation Error	[,2.426.3) [2.427,2.440.1) [2.441,2.442)
L Incorrect Default Permissions	[2.50,2.414.2) [2.415,2.424)
L Creation of Temporary File With Insecure Permissions	[,2.414.2) [2.415,2.424)
H Improper Control of Generation of Code ('Code Injection')	[,2.414.2) [2.415,2.424)
M Information Exposure	[,2.414.2) [2.415,2.424)
M Cross-site Scripting (XSS)	[,2.414.2) [2.415,2.424)
M Cross-site Scripting (XSS)	[,2.401.3) [2.406,2.416)
H Cross-site Request Forgery (CSRF)	[,2.400)
M Denial of Service (DoS)	[,2.375.4) [2.387,2.387.1) [2.388,2.394)
M Denial of Service (DoS)	[,2.375.4) [2.387,2.387.1) [2.388,2.394)
C Cross-site Scripting (XSS)	[2.270,2.375.4) [2.376,2.387.1) [2.388,2.394)
H Creation of Temporary File With Insecure Permissions	[,2.375.4) [2.376,2.387.1) [2.388,2.394)
L Information Exposure	[,2.375.4) [2.376,2.387.1) [2.388,2.394)
L Creation of Temporary File With Insecure Permissions	[,2.375.4) [2.387,2.387.1) [2.388,2.394)
M Information Exposure	[,2.375.4) [2.387,2.387.1) [2.388,2.394)
H Cross-site Request Forgery (CSRF)	[,1.480.3) [1.481,1.502)
H Cross-site Request Forgery (CSRF)	[,1.480.3) [1.481,1.502)
H Cross-site Request Forgery (CSRF)	[,1.509.1) [1.510,1.514)
M Cross-site Scripting (XSS)	[,1.502)
M Information Exposure	[,2.204.2) [2.205,2.219)
H Session Fixation	[2.266,2.289.2) [2.292,2.300)
H Improper Authentication	[,2.204.2) [2.205,2.214)
M Information Exposure	[,2.204.2) [2.205,2.219)
M Timing Attack	[,2.204.2) [2.205,2.219)
L Improper Restriction of Rendered UI Layers or Frames	[,2.204.2) [2.205,2.219)
M Timing Attack	[,2.204.2) [2.205,2.219)
M Denial of Service (DoS)	[,2.204.2) [2.205,2.219)
M Incorrect Authorization	[2.266,2.289.2) [2.292,2.300)
M Path Equivalence	[,2.303.2) [2.304,2.315)
M Directory Traversal	[,2.303.2) [2.304,2.315)
M Cross-site Scripting (XSS)	[2.340,2.356)
M Cross-site Scripting (XSS)	[2.320,2.356)
M Cross-site Scripting (XSS)	[2.321,2.356)
M Information Exposure	[2.334,2.356)
H Cross-site Scripting (XSS)	[2.340,2.356)
H Information Exposure	[2.335,2.356)
M Cross-site Scripting (XSS)	[,2.89.4)
H Improper Authorization	[,2.159)
H Cross-site Scripting (XSS)	[,2.370)
M Denial of Service (DoS)	[,2.319.3) [2.320,2.334)
M Cross-site Request Forgery (CSRF)	[2.320,2.330) [,2.319.2)
C Symlink Attack	[,2.303.3) [2.304,2.319)
C Improper Authorization	[,2.303.3) [2.304,2.319)
C Directory Traversal	[,2.303.3) [2.304,2.319)
C Improper Authorization	[,2.303.3) [2.304,2.319)
C Improper Authorization	[,2.303.3) [2.304,2.319)
M Directory Traversal	[,2.303.3) [2.304,2.319)
C Directory Traversal	[,2.303.3) [2.304,2.319)
H Arbitrary Code Injection	[,2.303.3) [2.304,2.319)
C Improper Access Control	[,2.303.3) [2.304,2.319)
M Improper Access Control	[,2.303.3) [2.304,2.319)
C Symlink Attack	[,2.303.3) [2.304,2.319)
M Improper Access Control	[,2.303.3) [2.304,2.319)
M Symlink Attack	[,2.303.3) [2.304,2.319)
L Insufficient Validation	[2.278,2.287) [,2.277.2)
M Improper Validation	[2.278,2.287) [,2.277.2)
M Race Condition	[,2.263.2) [2.270,2.275)
M Denial of Service (DoS)	[,2.263.2) [2.270,2.275)
H Deserialization of Untrusted Data	[,2.263.2) [2.270,2.275)
M Arbitrary File Read	[,2.263.2) [2.270,2.275)
H Cross-site Scripting (XSS)	[,2.263.2) [2.270,2.275)
H Cross-site Scripting (XSS)	[,2.263.2) [2.270,2.275)
M Cross-site Scripting (XSS)	[,2.263.2) [2.270,2.275)
H Directory Traversal	[,2.263.2) [2.270,2.275)
L Access Restriction Bypass	[,2.263.2) [2.270,2.275)
H Cross-site Scripting (XSS)	[,2.263.2) [2.270,2.275)
M Information Exposure	[,2.263.2) [2.270,2.275)
H Cross-site Scripting (XSS)	[,2.252) [2.235.3,2.235.4)
H Cross-site Scripting (XSS)	[,2.252) [2.235.3,2.235.4)
H Cross-site Scripting (XSS)	[,2.252) [2.235.3,2.235.4)
M Cross-site Scripting (XSS)	[,2.176.4) [2.180.0,2.196.1)
M Cross-site Scripting (XSS)	[,2.176.4) [2.180.0,2.196.1)
M Cross-site Scripting (XSS)	[,2.176.4) [2.180.0,2.190.1)
M Cross-site Scripting (XSS)	[0,2.176.4) [2.180.0,2.196.1)
M Cross-site Scripting (XSS)	[0,2.176.4) [2.180.0,2.196.1)
H Denial of Service (DoS)	[0,2.73.2) [2.83,2.83.1)
M Information Exposure	[,2.176.4) [2.180.0,2.196.1)
H Cross-site Scripting (XSS)	[,2.245)
H Cross-site Scripting (XSS)	[,2.245)
H Cross-site Scripting (XSS)	[,2.245)
H Cross-site Scripting (XSS)	[,2.245)
M Cross-site Scripting (XSS)	[,2.228)
M Cross-site Scripting (XSS)	[,2.228)
H Cross-site Request Forgery (CSRF)	[,2.228)
M Cross-site Scripting (XSS)	[,2.228)
M Cross-site Scripting (XSS)	[,2.176.2) [2.177,2.192)
H Protection Bypass	[,2.176.2) [2.177,2.192)
H Cross Site Request Forgery (CSRF)	[2.180,2.186) [,2.176.2)
M Directory Traversal	[,2.176.2) [2.177,2.186)
M Access Control Bypass	[,2.176.2) [2.177,2.186)
H Authorization Bypass	[2.150,2.160) [2.150.1,2.150.2)
M Authentication Bypass	[,2.164.2) [,2.172)
M Cross-site Scripting (XSS)	[,2.164.2) [,2.172)
M Directory Traversal	[,2.138.2) [2.140,2.146)
M Arbitrary File Write	[,2.138.2) [2.140,2.146)
L Information Exposure	[,2.138.2) [2.140,2.146)
M Cross-site Scripting (XSS)	[,2.138.2) [2.140,2.146)
M Ephemeral User Record Creation	[,2.138.2) [2.140,2.146)
M Session Fixation	[,2.138.2) [2.140,2.146)
M Information Exposure	[,2.138.4) [2.140,2.149] [2.150,2.150.1) [2.153,2.154)
M Modification of Assumed-Immutable Data (MAID)	[,2.138.4) [2.140,2.149] [2.150,2.150.1) [2.153,2.154)
C Arbitrary Code Execution	[,2.138.4) [2.140,2.150.1) [2.153,2.154)
M Denial of Service (DoS)	[,2.138.4) [2.150,2.154)
M Information Exposure	[,1.625.2) [1.630,1.638)
L Arbitrary Code Execution	[1.509.0,1.509.1) [1.510,1.514)
M Arbitrary Code Execution	[,1.587)
L Information Exposure	[,1.480.2) [1.490,1.498)
M Improper Authorization	[,2.121.3) [2.130,2.138)
M Information Exposure	[,2.121.3) [2.130,2.138)
M Authentication Bypass	[,2.121.3) [2.130,2.138)
M Denial of Service (DoS)	[,2.121.3) [2.130,2.138)
H Denial of Service (DoS)	[,2.121.3) [2.130,2.138)
M Deserialization of Untrusted Data	[,2.121.3) [2.130,2.138)
M Cross-site Scripting (XSS)	[,2.121.2) [2.130,2.133)
M Information Exposure	[,2.121.2) [2.130,2.133)
M Cross-site Scripting (XSS)	[,2.121.2) [2.130,2.133)
M Improper Authorization	[,2.121.2) [2.130,2.133)
M Insufficient Permission Check	[,2.121.2) [2.130,2.133)
H Authentication Bypass	[,2.121.2) [2.130,2.133)
H Arbitrary File Read	[,2.121.2) [2.130,2.133)
M User Impersonation	[,2.107.3) [2.120,2.121)
M Information Exposure	[,2.107.3) [2.120,2.121)
M Server-Side Request Forgery (SSRF)	[,2.107.3) [2.120,2.121)
H Directory Traversal	[,2.107.3) [2.120,2.121)
M Arbitrary File Write via Archive Extraction (Zip Slip)	[,2.120)
M Information Exposure	[,2.32.2) [2.40,2.44)
M Session Hijacking	[,1.532.2)
M Access Restriction Bypass	[,1.532.2)
M Access Restriction Bypass	[,1.532.2)
M Cross-site Scripting (XSS)	[,1.532.2)
M Directory Traversal	[,1.532.2)
M Information Exposure	[,1.532.2)
L Information Exposure	[,1.532.2)
L Cross-site Scripting (XSS)	[,1.532.2)
H Clickjacking	[,1.532.2)
M Privilege Escalation	[,1.596.1)
M Information Exposure	[,1.565.3)
M Cross-site Scripting (XSS)	[,1.596.2) [1.600,1.606)
M Arbitrary Code Execution	[,1.596.1)
H Privilege Escalation	[,1.596.2) [1.600,1.606)
M Man-in-the-Middle (MitM)	[,1.586)
M Information Exposure	[,1.565.3)
M Information Exposure	[,1.586)
M Cross-site Scripting (XSS)	[,1.565.3)
M Directory Traversal	[,1.565.3)
M Privilege Escalation	[,1.565.3)
M Information Exposure	[,1.565.3)
L Denial of Service (DoS)	[,1.596.1)
L Directory Traversal	[,1.596.1)
M Cross-site Scripting (XSS)	[,1.596.2) [1.600,1.606)
H Arbitrary Code Execution	[,1.565.3)
M Denial of Service (DoS)	[,1.565.3)
M Information Exposure	[,2.32.2) [2.40,2.44)
M Information Exposure	[,2.32.2) [2.40,2.44)
M Cross-site Scripting (XSS)	[,2.32.2) [2.40,2.44)
M Cross-site Request Forgery (CSRF)	[,1.625.2) [1.630,1.638)
M XML External Entity (XXE) Injection	[,1.625.2) [1.630,1.638)
M Directory Traversal	[,1.625.2) [1.630,1.638)
M Access Restriction Bypass	[,1.625.2) [1.630,1.638)
M Cross-site Scripting (XSS)	[,1.625.2) [1.630,1.638)
M Information Exposure	[,1.625.2) [1.630,1.638)
H Improper Access Control	[,1.625.2) [1.630,1.638)
M Information Exposure	[,1.625.2) [1.630,1.638)
M Cross-site Request Forgery (CSRF)	[,2.32.2) [2.40,2.44)
M Privilege Escalation	[,2.32.2) [2.40,2.44)
H Deserialization of Untrusted Data	[,2.32.2) [2.40,2.44)
M Insufficient Permission Validation	[,2.32.2) [2.40,2.44)
L Information Exposure	[,2.32.2) [2.40,2.44)
M Arbitrary File Overwrite	[,2.32.2) [2.40,2.44)
M Cross-site Scripting (XSS)	[,2.32.2) [,2.44)
H Cross-site Request Forgery (CSRF)	[,1.625.3) [1.630,1.641)
C Arbitrary Code Execution	[,1.642.2) [1.643.0,1.650)
M Information Exposure	[,2.32.2) [2.40,2.44)
M Timing Attacks	[,1.642.2) [1.643,1.650)
M HTTP Response Splitting	[,1.642.2) [1.643.0,1.650)
C Timing Attack	[,1.642.2) [1.643,1.650)
H Arbitrary Code Execution	[,1.625.3) [1.630,1.641)
M Insufficient Permission Validation	[,2.32.2) [2.4,2.44)
H Arbitrary Code Execution	[,1.642.2) [1.643.0,1.650)
H Arbitrary Code Execution	[,1.625.2) [1.630,1.638)
M Arbitrary Code Injection	[,1.651.2) [2.0,2.3)
M Information Exposure	[,1.651) [2.0.0,2.3)
H Open Redirect	[,1.651.1) [2.0.0,2.3)
M Information Exposure	[,1.651.2) [2.0.0,2.3)
M Information Exposure	[,1.651.2) [2.0,2.3)
M Authentication Bypass	[,1.651.2) [2.0,2.3)
M Denial of Service (DoS)	[,1.651.2) [2.0,2.3)
C Arbitrary Code Execution	[,2.19.3) [2.30,2.32)
M Cross-site Scripting (XSS)	[2.110,2.116) [2.107.0,2.107.2)
M Information Exposure	[,2.107.2)
M Insufficient Permission Validation	[,2.32.2) [2.40,2.44)
M Deserialization of Untrusted Data	[,2.46.2) [2.50,2.57)
H Cross-Site Request Forgery (CSRF)	[,2.46.2) [2.50,2.57)
H Directory Traversal	[,2.73.3) [2.80,2.89)
H Arbitrary Shell Command Execution	[,2.73.2) [2.80,2.83)
M Information Exposure	[,2.73.2) [2.80,2.84)
M Man-in-the-Middle (MitM)	[,2.73.2) [2.80,2.84)
M Information Exposure	[,2.73.2) [2.80,2.84)
M Information Exposure	[,2.73.2) [2.80,2.84)
M Information Exposure	[,2.73.2)
H Authentication Bypass	[,2.46.2) [2.50,2.57)
C Information Exposure	[,2.32.2) [2.40,2.44)
C Deserialization of Untrusted Data	[,2.46.2) [2.50,2.57)
L Information Exposure	[,2.73.2)
H Insecure Initialization	[,2.89.2) [2.90,2.95)
H Cross-site Request Forgery (CSRF)	[,2.89.2) [2.90,2.95)
M Server-Side Request Forgery (SSRF)	[,2.89.4)
M Improper Input Validation	[,2.89.4]
M Directory Traversal	[,2.89.4)

org.jenkins-ci.main:jenkins-core vulnerabilities

package manager

Direct Vulnerabilities