| CVE-2021-28165 |
AVG-1841 |
High |
Yes |
Denial of service |
When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is... |
| CVE-2021-22112 |
AVG-1595 |
High |
Yes |
Privilege escalation |
A security issue was found in Jenkins 2.275 through 2.278 (inclusive) that allows attackers with Job/Workspace permission to exploit this to switch their... |
| CVE-2021-21697 |
AVG-2526 |
High |
Yes |
Arbitrary filesystem access |
Agents are allowed some limited access to files on the Jenkins controller file system. The directories agents are allowed to access in Jenkins before 2.319... |
| CVE-2021-21696 |
AVG-2526 |
High |
Yes |
Sandbox escape |
Jenkins before version 2.319 does not limit agent read/write access to the libs/ directory inside build directories when using the FilePath APIs. This... |
| CVE-2021-21695 |
AVG-2526 |
Critical |
Yes |
Arbitrary filesystem access |
A security issue has been found in Jenkins before version 2.319. FilePath#listFiles lists files outside directories with agent read access when following... |
| CVE-2021-21694 |
AVG-2526 |
Critical |
Yes |
Arbitrary filesystem access |
A security issue has been found in Jenkins before version 2.319. FilePath#toURI, FilePath#hasSymlink, FilePath#absolutize, FilePath#isDescendant, and... |
| CVE-2021-21693 |
AVG-2526 |
Critical |
Yes |
Arbitrary filesystem access |
A security issue has been found in Jenkins before version 2.319. When creating temporary files, permission to create files is only checked after they’ve... |
| CVE-2021-21692 |
AVG-2526 |
Critical |
Yes |
Arbitrary filesystem access |
A security issue has been found in Jenkins before version 2.319. The operations FilePath#renameTo and FilePath#moveAllChildrenTo only check read permission... |
| CVE-2021-21691 |
AVG-2526 |
Critical |
Yes |
Arbitrary filesystem access |
A security issue has been found in Jenkins before version 2.319. Creating symbolic links is possible without the symlink permission. This allows agent... |
| CVE-2021-21690 |
AVG-2526 |
Critical |
Yes |
Arbitrary filesystem access |
A security issue has been found in Jenkins before version 2.319. Agent processes are able to completely bypass file path filtering by wrapping the file... |
| CVE-2021-21689 |
AVG-2526 |
Critical |
Yes |
Arbitrary filesystem access |
A security issue has been found in Jenkins before version 2.319. FilePath#unzip and FilePath#untar were not subject to any access control. This allows agent... |
| CVE-2021-21688 |
AVG-2526 |
Critical |
Yes |
Arbitrary filesystem access |
A security issue has been found in Jenkins before version 2.319. FilePath#reading(FileVisitor) does not reject any operations, allowing users to have... |
| CVE-2021-21687 |
AVG-2526 |
Critical |
Yes |
Arbitrary filesystem access |
A security issue has been found in Jenkins before version 2.319. FilePath#untar does not check permission to create symbolic links when unarchiving a... |
| CVE-2021-21686 |
AVG-2526 |
Critical |
Yes |
Arbitrary filesystem access |
A security issue has been found in Jenkins before version 2.319. File path filters do not canonicalize paths, allowing operations to follow symbolic links... |
| CVE-2021-21685 |
AVG-2526 |
Critical |
Yes |
Arbitrary filesystem access |
A security issue has been found in Jenkins before version 2.319. FilePath#mkdirs does not check permission to create parent directories. This allows agent... |
| CVE-2021-21683 |
AVG-2449 |
Medium |
Yes |
Directory traversal |
The file browser in Jenkins 2.314 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing... |
| CVE-2021-21682 |
AVG-2449 |
Medium |
Yes |
Directory traversal |
Jenkins 2.314 and earlier accepts names of jobs and other entities with a trailing dot character, potentially replacing the configuration and data of other... |
| CVE-2021-21671 |
AVG-2118 |
High |
Yes |
Authentication bypass |
Jenkins 2.299 and earlier does not invalidate the existing session on login. This allows attackers to use social engineering techniques to gain... |
| CVE-2021-21670 |
AVG-2118 |
Medium |
Yes |
Access restriction bypass |
Jenkins 2.299 and earlier allows users to cancel queue items and abort builds of jobs for which they have Item/Cancel permission even when they do not have... |
| CVE-2021-21640 |
AVG-1781 |
Medium |
Yes |
Insufficient validation |
Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not properly check that a newly created view has an allowed name, allowing attackers with... |
| CVE-2021-21639 |
AVG-1781 |
Medium |
Yes |
Insufficient validation |
Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not validate the type of object created after loading the data submitted to the config.xml REST API... |
| CVE-2021-21615 |
AVG-1491 |
Medium |
Yes |
Directory traversal |
Due to a time-of-check to time-of-use (TOCTOU) race condition, the file browser for workspaces, archived artifacts, and $JENKINS_HOME/userContent/ follows... |
| CVE-2021-21611 |
AVG-1446 |
High |
Yes |
Cross-site scripting |
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape display names and IDs of item types shown on the New Item page. This results in a stored... |
| CVE-2021-21610 |
AVG-1446 |
High |
Yes |
Cross-site scripting |
Jenkins allows administrators to choose the markup formatter to use for descriptions of jobs, builds, views, etc. displayed in Jenkins. When editing such a... |
| CVE-2021-21609 |
AVG-1446 |
Low |
Yes |
Insufficient validation |
Jenkins includes a static list of URLs that are always accessible even without Overall/Read permission, such as the login form. These URLs are excluded from... |
| CVE-2021-21608 |
AVG-1446 |
High |
Yes |
Cross-site scripting |
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape button labels in the Jenkins UI. This results in a cross-site scripting vulnerability... |
| CVE-2021-21607 |
AVG-1446 |
Medium |
Yes |
Denial of service |
Jenkins renders several different graphs for features like agent and label usage statistics, memory usage, or various plugin-provided statistics. Jenkins... |
| CVE-2021-21606 |
AVG-1446 |
Medium |
Yes |
Information disclosure |
Jenkins provides a feature for jobs to store and track fingerprints of files used during a build. Jenkins 2.274 and earlier, LTS 2.263.1 and earlier... |
| CVE-2021-21605 |
AVG-1446 |
High |
Yes |
Directory traversal |
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows users with Agent/Configure permission to choose agent names that cause Jenkins to override... |
| CVE-2021-21604 |
AVG-1446 |
High |
Yes |
Incorrect calculation |
Jenkins provides XML REST APIs to configure views, jobs, and other items. When deserialization fails because of invalid data, Jenkins 2.274 and earlier, LTS... |
| CVE-2021-21603 |
AVG-1446 |
High |
Yes |
Cross-site scripting |
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape notification bar response contents (typically shown after form submissions via Apply... |
| CVE-2021-21602 |
AVG-1446 |
Medium |
Yes |
Arbitrary filesystem access |
A security issue was found in Jenkins before version 2.275. The file browser for workspaces, archived artifacts, and $JENKINS_HOME/userContent/ follows... |
| CVE-2019-1003050 |
AVG-948 |
Medium |
Yes |
Cross-site scripting |
The f:validateButton form control for the Jenkins UI did not properly escape job URLs. This resulted in a cross-site scripting (XSS) vulnerability... |
| CVE-2019-1003049 |
AVG-948 |
Medium |
Yes |
Access restriction bypass |
A security issue has been found in Jenkins before 2.172, where the fix for SECURITY-901 in Jenkins 2.150.2 and 2.160 did not reject existing remoting-based... |
| CVE-2019-10384 |
AVG-1030 |
Medium |
Yes |
Cross-site request forgery |
Jenkins allowed the creation of CSRF tokens without a corresponding web session ID. This is the result of an incomplete fix for SECURITY-626 in the... |
| CVE-2019-10383 |
AVG-1030 |
Low |
Yes |
Cross-site scripting |
Jenkins did not properly escape the update site URL in some status messages shown in the update center, resulting in a stored cross-site scripting... |
| CVE-2019-10354 |
AVG-1012 |
High |
Yes |
Access restriction bypass |
A security issue has been found in Jenkins before 2.186. Jenkins uses the Stapler web framework to render its UI views. These views are frequently comprised... |
| CVE-2019-10353 |
AVG-1012 |
High |
Yes |
Cross-site request forgery |
By default, CSRF tokens in Jenkins before 2.186 only checked user authentication and IP address. This allowed attackers able to obtain a CSRF token for... |
| CVE-2019-10352 |
AVG-1012 |
High |
Yes |
Arbitrary file overwrite |
A vulnerability has been found in Jenkins before 2.186, where users with Job/Configure permission could specify a relative path escaping the base directory... |
| CVE-2018-1999043 |
AVG-778 |
Medium |
Yes |
Access restriction bypass |
A security issue has been found in Jenkins version prior to 2.146. When attempting to authenticate using API token, an ephemeral user record was created to... |
| CVE-2018-1999007 |
AVG-738 |
Medium |
Yes |
Cross-site scripting |
Stapler is the web framework used by Jenkins to route HTTP requests. When its debug mode is enabled, HTTP 404 error pages display diagnostic information.... |
| CVE-2018-1999006 |
AVG-738 |
Medium |
Yes |
Information disclosure |
Files indicating when a plugin JPI file was last extracted into a subdirectory of plugins/ in the Jenkins home directory were accessible via HTTP by users... |
| CVE-2018-1999005 |
AVG-738 |
Medium |
Yes |
Cross-site scripting |
The build timeline widget shown on URLs like /view/…/builds in Jenkins before 2.133 did not properly escape display names of items. This resulted in a... |
| CVE-2018-1999004 |
AVG-738 |
Medium |
Yes |
Access restriction bypass |
The URL that initiates agent launches on the Jenkins master before 2.133 did not perform a permission check, allowing users with Overall/Read permission to... |
| CVE-2018-1999003 |
AVG-738 |
Medium |
Yes |
Access restriction bypass |
The URLs handling cancellation of queued builds in Jenkins before 2.133 did not perform a permission check, allowing users with Overall/Read permission to... |
| CVE-2018-1999002 |
AVG-738 |
High |
Yes |
Arbitrary filesystem access |
An arbitrary file read vulnerability in the Stapler web framework used by Jenkins before 2.133 allowed unauthenticated users to send crafted HTTP requests... |
| CVE-2018-1999001 |
AVG-738 |
High |
Yes |
Access restriction bypass |
Unauthenticated users could provide maliciously crafted login credentials that cause Jenkins before 2.133 to move the config.xml file from the Jenkins home... |
| CVE-2017-1000356 |
AVG-255 |
High |
Yes |
Cross-site request forgery |
Multiple Cross-Site Request Forgery vulnerabilities in Jenkins allowed malicious users to perform several administrative actions by tricking a victim into... |
| CVE-2017-1000355 |
AVG-255 |
Medium |
Yes |
Arbitrary code execution |
Jenkins uses the XStream library to serialize and deserialize XML. Its maintainer recently published a security vulnerability that allows anyone able to... |
| CVE-2017-1000354 |
AVG-255 |
High |
Yes |
Privilege escalation |
The login command available in the remoting-based CLI stored the encrypted user name of the successfully authenticated user in a cache file used to... |
| CVE-2017-17383 |
AVG-543 |
Medium |
Yes |
Cross-site scripting |
Jenkins through 2.93 allows remote authenticated administrators to conduct XSS attacks via a crafted tool name in a job configuration form, as demonstrated... |
| CVE-2014-3577 |
AVG-2448 |
Medium |
Yes |
Certificate verification bypass |
Jenkins 2.314 and earlier bundles a version of the commons-httpclient library with the vulnerability CVE-2014-3577 that incorrectly verified SSL/TLS... |