VulnerableCode Package Details - pkg:maven/org.jenkins-ci.main/jenkins-core@1.583

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-3n8p-4yz7-dffq	Jenkins Exposure of Sensitive Information to an Unauthorized Actor vulnerability Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Job/READ permission to obtain the default value for the password field of a parameterized job by reading the DOM.	CVE-2014-3680 GHSA-8x8p-mfwv-9fjw
VCID-8umn-p534-x7e1	Jenkins Cross-site Scripting vulnerability Cross-site scripting (XSS) vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CVE-2014-3681 GHSA-cwh9-f8m6-6r63
VCID-bybe-uz73-eyg9	Jenkins Path Traversal vulnerability Directory traversal vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Overall/READ permission to read arbitrary files via unspecified vectors.	CVE-2014-3664 GHSA-3gp5-92h5-h855
VCID-jxyb-bxnj-z3dz	Jenkins allows for Code Execution via Crafted Packet to the CLI Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to execute arbitrary code via a crafted packet to the CLI channel.	CVE-2014-3666 GHSA-fvfh-8mj3-23xj
VCID-ndzh-exad-ekeu	Jenkins Exposure of Sensitive Information to an Unauthorized Actor vulnerability Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to enumerate user names via vectors related to login attempts.	CVE-2014-3662 GHSA-fxqr-px2m-fvc2
VCID-nywh-ka3z-ybe5	Jenkins allows Remote Users to Obtain Sensitive Information from a Plugin Code Jenkins before 1.583 and LTS before 1.565.3 does not properly prevent downloading of plugins, which allows remote authenticated users with the Overall/READ permission to obtain sensitive information by reading the plugin code.	CVE-2014-3667 GHSA-5xm3-48v5-6h7v
VCID-qm91-rpwc-eufk	Jenkins Denial of Service vulnerability Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to cause a denial of service (thread consumption) via vectors related to a CLI handshake.	CVE-2014-3661 GHSA-r5m2-g5gc-q43r
VCID-szdt-snzm-2bbk	Jenkins allows remote authenticated users to bypass intended restrictions and create or destroy arbitrary jobs Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Job/CONFIGURE permission to bypass intended restrictions and create or destroy arbitrary jobs via unspecified vectors.	CVE-2014-3663 GHSA-64mc-2m9p-23c8

Vulnerability

Summary

Aliases

VCID-3n8p-4yz7-dffq

Jenkins Exposure of Sensitive Information to an Unauthorized Actor vulnerability Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Job/READ permission to obtain the default value for the password field of a parameterized job by reading the DOM.

CVE-2014-3680
GHSA-8x8p-mfwv-9fjw

VCID-8umn-p534-x7e1

Jenkins Cross-site Scripting vulnerability Cross-site scripting (XSS) vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2014-3681
GHSA-cwh9-f8m6-6r63

VCID-bybe-uz73-eyg9

Jenkins Path Traversal vulnerability Directory traversal vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Overall/READ permission to read arbitrary files via unspecified vectors.

CVE-2014-3664
GHSA-3gp5-92h5-h855

VCID-jxyb-bxnj-z3dz

Jenkins allows for Code Execution via Crafted Packet to the CLI Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to execute arbitrary code via a crafted packet to the CLI channel.

CVE-2014-3666
GHSA-fvfh-8mj3-23xj

VCID-ndzh-exad-ekeu

Jenkins Exposure of Sensitive Information to an Unauthorized Actor vulnerability Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to enumerate user names via vectors related to login attempts.

CVE-2014-3662
GHSA-fxqr-px2m-fvc2

VCID-nywh-ka3z-ybe5

Jenkins allows Remote Users to Obtain Sensitive Information from a Plugin Code Jenkins before 1.583 and LTS before 1.565.3 does not properly prevent downloading of plugins, which allows remote authenticated users with the Overall/READ permission to obtain sensitive information by reading the plugin code.

CVE-2014-3667
GHSA-5xm3-48v5-6h7v

VCID-qm91-rpwc-eufk

Jenkins Denial of Service vulnerability Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to cause a denial of service (thread consumption) via vectors related to a CLI handshake.

CVE-2014-3661
GHSA-r5m2-g5gc-q43r

VCID-szdt-snzm-2bbk

Jenkins allows remote authenticated users to bypass intended restrictions and create or destroy arbitrary jobs Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Job/CONFIGURE permission to bypass intended restrictions and create or destroy arbitrary jobs via unspecified vectors.

CVE-2014-3663
GHSA-64mc-2m9p-23c8

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-29T17:32:45.551560+00:00	GitLab Importer	Fixing	VCID-qm91-rpwc-eufk	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jenkins-ci.main/jenkins-core/CVE-2014-3661.yml	38.6.0
2026-05-29T17:32:34.153746+00:00	GitLab Importer	Fixing	VCID-8umn-p534-x7e1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jenkins-ci.main/jenkins-core/CVE-2014-3681.yml	38.6.0
2026-05-29T09:42:36.542315+00:00	GithubOSV Importer	Fixing	VCID-bybe-uz73-eyg9	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-3gp5-92h5-h855/GHSA-3gp5-92h5-h855.json	38.6.0
2026-05-29T09:41:17.887852+00:00	GithubOSV Importer	Fixing	VCID-nywh-ka3z-ybe5	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-5xm3-48v5-6h7v/GHSA-5xm3-48v5-6h7v.json	38.6.0
2026-05-29T09:37:03.439126+00:00	GithubOSV Importer	Fixing	VCID-szdt-snzm-2bbk	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-64mc-2m9p-23c8/GHSA-64mc-2m9p-23c8.json	38.6.0
2026-05-29T09:36:05.526071+00:00	GithubOSV Importer	Fixing	VCID-8umn-p534-x7e1	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-cwh9-f8m6-6r63/GHSA-cwh9-f8m6-6r63.json	38.6.0
2026-05-29T09:35:07.038253+00:00	GithubOSV Importer	Fixing	VCID-jxyb-bxnj-z3dz	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-fvfh-8mj3-23xj/GHSA-fvfh-8mj3-23xj.json	38.6.0
2026-05-29T09:34:21.560274+00:00	GithubOSV Importer	Fixing	VCID-qm91-rpwc-eufk	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-r5m2-g5gc-q43r/GHSA-r5m2-g5gc-q43r.json	38.6.0
2026-05-29T09:33:53.512005+00:00	GithubOSV Importer	Fixing	VCID-ndzh-exad-ekeu	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-fxqr-px2m-fvc2/GHSA-fxqr-px2m-fvc2.json	38.6.0
2026-05-29T09:32:59.613540+00:00	GithubOSV Importer	Fixing	VCID-3n8p-4yz7-dffq	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-8x8p-mfwv-9fjw/GHSA-8x8p-mfwv-9fjw.json	38.6.0