VulnerableCode Package Details - pkg:maven/org.jenkins-ci.main/jenkins-core@2.2

Search for packages

Vulnerability	Summary	Fixed by
VCID-8y2p-df9x-a7cp Aliases: CVE-2016-3722 GHSA-3857-xm38-jmq2	Permissions, Privileges, and Access Controls Jenkins allows remote authenticated users with multiple accounts to cause a denial of service (unable to login) by editing the "full name".	2.3 Affected by 0 other vulnerabilities.
VCID-puux-2z74-3yea Aliases: CVE-2016-3723 GHSA-8572-5jrg-mx52	Information Exposure Jenkins allows remote authenticated users with read access to obtain sensitive plugin installation information by leveraging missing permissions checks in unspecified XML/JSON API endpoints.	2.3 Affected by 0 other vulnerabilities.
VCID-yvec-gpmh-73hq Aliases: CVE-2016-3725 GHSA-59fm-6x3q-q3q5	Permissions, Privileges, and Access Controls Jenkins allows remote authenticated users to trigger updating of update site metadata by leveraging a missing permission check.	2.3 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-8y2p-df9x-a7cp
Aliases:
CVE-2016-3722
GHSA-3857-xm38-jmq2

Permissions, Privileges, and Access Controls Jenkins allows remote authenticated users with multiple accounts to cause a denial of service (unable to login) by editing the "full name".

2.3
Affected by 0 other vulnerabilities.

VCID-puux-2z74-3yea
Aliases:
CVE-2016-3723
GHSA-8572-5jrg-mx52

Information Exposure Jenkins allows remote authenticated users with read access to obtain sensitive plugin installation information by leveraging missing permissions checks in unspecified XML/JSON API endpoints.

2.3
Affected by 0 other vulnerabilities.

VCID-yvec-gpmh-73hq
Aliases:
CVE-2016-3725
GHSA-59fm-6x3q-q3q5

Permissions, Privileges, and Access Controls Jenkins allows remote authenticated users to trigger updating of update site metadata by leveraging a missing permission check.

2.3
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T12:47:03.270798+00:00	GitLab Importer	Affected by	VCID-8y2p-df9x-a7cp	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jenkins-ci.main/jenkins-core/CVE-2016-3722.yml	38.0.0
2026-04-01T12:47:03.254384+00:00	GitLab Importer	Affected by	VCID-puux-2z74-3yea	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jenkins-ci.main/jenkins-core/CVE-2016-3723.yml	38.0.0
2026-04-01T12:47:03.235563+00:00	GitLab Importer	Affected by	VCID-yvec-gpmh-73hq	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jenkins-ci.main/jenkins-core/CVE-2016-3725.yml	38.0.0