Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.jenkins-ci.main/jenkins-core@2.164.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.164.2
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-6wmw-rn4w-vqf5 Cross-site Scripting The `f:validateButton` form control for the Jenkins UI did not properly escape job URLs resulting in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job names. CVE-2019-1003050
GHSA-qpg9-83fv-x9ch
VCID-zftt-hmv8-judu Improper Authentication Users who cached their CLI authentication would remain authenticated because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches. CVE-2019-1003049
GHSA-742j-jcfr-23w3

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T16:00:47.748222+00:00 GHSA Importer Fixing VCID-6wmw-rn4w-vqf5 https://github.com/advisories/GHSA-qpg9-83fv-x9ch 38.0.0
2026-04-01T16:00:47.559698+00:00 GHSA Importer Fixing VCID-zftt-hmv8-judu https://github.com/advisories/GHSA-742j-jcfr-23w3 38.0.0
2026-04-01T13:11:47.879439+00:00 GithubOSV Importer Fixing VCID-6wmw-rn4w-vqf5 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-qpg9-83fv-x9ch/GHSA-qpg9-83fv-x9ch.json 38.0.0
2026-04-01T13:09:37.505956+00:00 GithubOSV Importer Fixing VCID-zftt-hmv8-judu https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-742j-jcfr-23w3/GHSA-742j-jcfr-23w3.json 38.0.0