Search for packages
| purl | pkg:maven/org.jenkins-ci.main/jenkins-core@2.150.2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-cf29-8rvn-kfbd | Insufficient Session Expiration An improper authorization vulnerability exists in Jenkins in `core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java` that allows attackers with `Overall/RunScripts` permission to craft Remember Me cookies that would never expire, allowing to persist access to temporarily compromised user accounts. |
CVE-2019-1003003
GHSA-6rh5-23hx-j452 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T16:00:52.620393+00:00 | GHSA Importer | Fixing | VCID-cf29-8rvn-kfbd | https://github.com/advisories/GHSA-6rh5-23hx-j452 | 38.0.0 |
| 2026-04-01T13:09:38.561465+00:00 | GithubOSV Importer | Fixing | VCID-cf29-8rvn-kfbd | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-6rh5-23hx-j452/GHSA-6rh5-23hx-j452.json | 38.0.0 |