Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.jenkins-ci.main/jenkins-core@2.252
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.252
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-cgen-qcyh-yqbu Jenkins Cross-site Scripting vulnerability in project naming strategy Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the project naming strategy description, that is displayed on item creation.\n\nThis results in a stored cross-site scripting (XSS) vulnerability exploitable by users with Overall/Manage permission.\n\nJenkins 2.252, LTS 2.235.4 escapes the project naming strategy description. CVE-2020-2230
GHSA-9g4m-ffx6-c29g
VCID-fy5p-8vcs-zkha Jenkins Cross-Site Scripting vulnerability in help icons Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the tooltip content of help icons. Tooltip values can be contributed by plugins, some of which use user-specified values. This results in a stored cross-site scripting (XSS) vulnerability. Jenkins 2.252, LTS 2.235.4 escapes the tooltip content of help icons. CVE-2020-2229
GHSA-hvmc-7g2x-r3p9
VCID-re1r-xjv4-sqd3 Improper Neutralization of Input During Web Page Generation in Jenkins Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the remote address of the host starting a build via 'Trigger builds remotely', resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users with Job/Configure permission or knowledge of the Authentication Token. CVE-2020-2231
GHSA-jpvq-v729-7j2h

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-04T14:32:42.017694+00:00 GHSA Importer Fixing VCID-cgen-qcyh-yqbu https://github.com/advisories/GHSA-9g4m-ffx6-c29g 38.1.0
2026-04-04T14:32:41.918859+00:00 GHSA Importer Fixing VCID-fy5p-8vcs-zkha https://github.com/advisories/GHSA-hvmc-7g2x-r3p9 38.1.0
2026-04-04T14:32:41.770534+00:00 GHSA Importer Fixing VCID-re1r-xjv4-sqd3 https://github.com/advisories/GHSA-jpvq-v729-7j2h 38.1.0
2026-04-02T12:36:59.842390+00:00 GitLab Importer Fixing VCID-re1r-xjv4-sqd3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jenkins-ci.main/jenkins-core/CVE-2020-2231.yml 38.0.0
2026-04-02T12:36:59.785571+00:00 GitLab Importer Fixing VCID-cgen-qcyh-yqbu https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jenkins-ci.main/jenkins-core/CVE-2020-2230.yml 38.0.0
2026-04-02T12:36:59.730639+00:00 GitLab Importer Fixing VCID-fy5p-8vcs-zkha https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jenkins-ci.main/jenkins-core/CVE-2020-2229.yml 38.0.0
2026-04-01T13:11:51.539594+00:00 GithubOSV Importer Fixing VCID-re1r-xjv4-sqd3 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-jpvq-v729-7j2h/GHSA-jpvq-v729-7j2h.json 38.0.0
2026-04-01T13:10:43.542106+00:00 GithubOSV Importer Fixing VCID-fy5p-8vcs-zkha https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-hvmc-7g2x-r3p9/GHSA-hvmc-7g2x-r3p9.json 38.0.0
2026-04-01T13:08:27.474989+00:00 GithubOSV Importer Fixing VCID-cgen-qcyh-yqbu https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-9g4m-ffx6-c29g/GHSA-9g4m-ffx6-c29g.json 38.0.0