VulnerableCode Package Details - pkg:alpm/archlinux/jenkins@2.172-1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:alpm/archlinux/jenkins@2.172-1

Essentials
History (4)

purl	pkg:alpm/archlinux/jenkins@2.172-1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-6wmw-rn4w-vqf5	Cross-site Scripting The `f:validateButton` form control for the Jenkins UI did not properly escape job URLs resulting in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job names.	CVE-2019-1003050 GHSA-qpg9-83fv-x9ch
VCID-zftt-hmv8-judu	Improper Authentication Users who cached their CLI authentication would remain authenticated because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches.	CVE-2019-1003049 GHSA-742j-jcfr-23w3

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-06T05:35:35.322820+00:00	Arch Linux Importer	Fixing	VCID-zftt-hmv8-judu	https://security.archlinux.org/AVG-948	38.1.0
2026-04-06T05:35:35.300249+00:00	Arch Linux Importer	Fixing	VCID-6wmw-rn4w-vqf5	https://security.archlinux.org/AVG-948	38.1.0
2026-04-01T18:27:02.457558+00:00	Arch Linux Importer	Fixing	VCID-zftt-hmv8-judu	https://security.archlinux.org/AVG-948	38.0.0
2026-04-01T18:27:02.432989+00:00	Arch Linux Importer	Fixing	VCID-6wmw-rn4w-vqf5	https://security.archlinux.org/AVG-948	38.0.0