Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.jenkins-ci.main/jenkins-core@2.121
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.121
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (4)
Vulnerability Summary Aliases
VCID-8x6t-vhae-kkd8 Information Exposure An information exposure vulnerability exists in Jenkins that allows users with Overall/Read access to enumerate all installed plugins. CVE-2018-1000192
GHSA-2w4x-rxp7-grg7
VCID-df66-65bh-3fhy Cross-Site Request Forgery (CSRF) A server-side request forgery vulnerability exists in Jenkins that allows users with Overall/Read permission to have Jenkins submit an HTTP GET request to an arbitrary URL and learn whether the response is successful or not. CVE-2018-1000195
GHSA-rgmj-mccj-h9mx
VCID-h88g-ywc5-1ycw Injection Vulnerability An improper neutralization of control sequences vulnerability exists in Jenkins in `HudsonPrivateSecurityRealm.java` that allows users to sign up using user names containing control characters that can then appear to have the same name as other users, and cannot be deleted via the UI. CVE-2018-1000193
GHSA-7592-93rm-6gpx
VCID-pdf9-n6qs-ybcc Path Traversal A path traversal vulnerability exists in Jenkins in `FilePath.java`, `SoloFilePathFilter.java` that allows malicious agents to read and write arbitrary files on the Jenkins master, bypassing the agent-to-master security subsystem protection. CVE-2018-1000194
GHSA-x646-m7x2-gcp7

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T16:00:48.091162+00:00 GHSA Importer Fixing VCID-8x6t-vhae-kkd8 https://github.com/advisories/GHSA-2w4x-rxp7-grg7 38.0.0
2026-04-01T16:00:48.033351+00:00 GHSA Importer Fixing VCID-h88g-ywc5-1ycw https://github.com/advisories/GHSA-7592-93rm-6gpx 38.0.0
2026-04-01T16:00:47.653746+00:00 GHSA Importer Fixing VCID-df66-65bh-3fhy https://github.com/advisories/GHSA-rgmj-mccj-h9mx 38.0.0
2026-04-01T16:00:47.591667+00:00 GHSA Importer Fixing VCID-pdf9-n6qs-ybcc https://github.com/advisories/GHSA-x646-m7x2-gcp7 38.0.0
2026-04-01T13:09:37.379106+00:00 GithubOSV Importer Fixing VCID-pdf9-n6qs-ybcc https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-x646-m7x2-gcp7/GHSA-x646-m7x2-gcp7.json 38.0.0
2026-04-01T13:09:03.556736+00:00 GithubOSV Importer Fixing VCID-df66-65bh-3fhy https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-rgmj-mccj-h9mx/GHSA-rgmj-mccj-h9mx.json 38.0.0
2026-04-01T13:08:13.504461+00:00 GithubOSV Importer Fixing VCID-8x6t-vhae-kkd8 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-2w4x-rxp7-grg7/GHSA-2w4x-rxp7-grg7.json 38.0.0
2026-04-01T13:07:37.865672+00:00 GithubOSV Importer Fixing VCID-h88g-ywc5-1ycw https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-7592-93rm-6gpx/GHSA-7592-93rm-6gpx.json 38.0.0
2026-04-01T12:47:43.753789+00:00 GitLab Importer Fixing VCID-h88g-ywc5-1ycw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jenkins-ci.main/jenkins-core/CVE-2018-1000193.yml 38.0.0
2026-04-01T12:47:43.716850+00:00 GitLab Importer Fixing VCID-pdf9-n6qs-ybcc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jenkins-ci.main/jenkins-core/CVE-2018-1000194.yml 38.0.0
2026-04-01T12:47:43.591899+00:00 GitLab Importer Fixing VCID-df66-65bh-3fhy https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jenkins-ci.main/jenkins-core/CVE-2018-1000195.yml 38.0.0
2026-04-01T12:47:43.554248+00:00 GitLab Importer Fixing VCID-8x6t-vhae-kkd8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jenkins-ci.main/jenkins-core/CVE-2018-1000192.yml 38.0.0