VulnerableCode Package Details - pkg:rpm/redhat/jenkins@2.426.3.1706516929-3?arch=el8

Search for packages

Vulnerability	Summary	Fixed by
VCID-26me-tpwn-7udz Aliases: CVE-2024-23898 GHSA-53ph-2r2x-vqw8	Cross-site WebSocket hijacking vulnerability in the Jenkins CLI Jenkins has a built-in command line interface (CLI) to access Jenkins from a script or shell environment. Since Jenkins 2.217 and LTS 2.222.1, one of the ways to communicate with the CLI is through a WebSocket endpoint. This endpoint relies on the default Jenkins web request authentication functionality, like HTTP Basic authentication with API tokens, or session cookies. This endpoint is enabled when running on a version of Jetty for which Jenkins supports WebSockets. This is the case when using the provided native installers, packages, or the Docker containers, as well as when running Jenkins with the command java -jar jenkins.war. Jenkins 2.217 through 2.441 (both inclusive), LTS 2.222.1 through 2.426.2 (both inclusive) does not perform origin validation of requests made through the CLI WebSocket endpoint, resulting in a cross-site WebSocket hijacking (CSWSH) vulnerability.	There are no reported fixed by versions.
VCID-432r-ukuw-4bgt Aliases: CVE-2023-27903 GHSA-584m-7r4m-8j6v	Incorrect Authorization Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a file parameter through the CLI, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used.	There are no reported fixed by versions.
VCID-5jqb-k5g9-6bb4 Aliases: CVE-2024-23897 GHSA-6f9g-cxwr-q5jr	Arbitrary file read vulnerability through the Jenkins CLI can lead to RCE Jenkins has a built-in command line interface (CLI) to access Jenkins from a script or shell environment. Jenkins uses the args4j library to parse command arguments and options on the Jenkins controller when processing CLI commands. This command parser has a feature that replaces an @ character followed by a file path in an argument with the file’s contents (expandAtFiles). This feature is enabled by default and Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable it. This allows attackers to read arbitrary files on the Jenkins controller file system using the default character encoding of the Jenkins controller process. * Attackers with Overall/Read permission can read entire files. * Attackers without Overall/Read permission can read the first few lines of files. The number of lines that can be read depends on available CLI commands. As of publication of this advisory, the Jenkins security team has found ways to read the first three lines of files in recent releases of Jenkins without having any plugins installed, and has not identified any plugins that would increase this line count. Binary files containing cryptographic keys used for various Jenkins features can also be read, with some limitations (see note on binary files below). As of publication, the Jenkins security team has confirmed the following possible attacks in addition to reading contents of all files with a known file path. All of them leverage attackers' ability to obtain cryptographic keys from binary files, and are therefore only applicable to instances where that is feasible.	There are no reported fixed by versions.
VCID-6925-fwf4-f7df Aliases: CVE-2023-27904 GHSA-rrgp-c2w8-6vg6	Generation of Error Message Containing Sensitive Information Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error stack trace on agent-related pages when agent connections are broken, potentially revealing information about Jenkins configuration that is otherwise inaccessible to attackers.	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-26me-tpwn-7udz
Aliases:
CVE-2024-23898
GHSA-53ph-2r2x-vqw8

Cross-site WebSocket hijacking vulnerability in the Jenkins CLI Jenkins has a built-in command line interface (CLI) to access Jenkins from a script or shell environment. Since Jenkins 2.217 and LTS 2.222.1, one of the ways to communicate with the CLI is through a WebSocket endpoint. This endpoint relies on the default Jenkins web request authentication functionality, like HTTP Basic authentication with API tokens, or session cookies. This endpoint is enabled when running on a version of Jetty for which Jenkins supports WebSockets. This is the case when using the provided native installers, packages, or the Docker containers, as well as when running Jenkins with the command java -jar jenkins.war. Jenkins 2.217 through 2.441 (both inclusive), LTS 2.222.1 through 2.426.2 (both inclusive) does not perform origin validation of requests made through the CLI WebSocket endpoint, resulting in a cross-site WebSocket hijacking (CSWSH) vulnerability.

There are no reported fixed by versions.

VCID-432r-ukuw-4bgt
Aliases:
CVE-2023-27903
GHSA-584m-7r4m-8j6v

Incorrect Authorization Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a file parameter through the CLI, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used.

There are no reported fixed by versions.

VCID-5jqb-k5g9-6bb4
Aliases:
CVE-2024-23897
GHSA-6f9g-cxwr-q5jr

Arbitrary file read vulnerability through the Jenkins CLI can lead to RCE Jenkins has a built-in command line interface (CLI) to access Jenkins from a script or shell environment. Jenkins uses the args4j library to parse command arguments and options on the Jenkins controller when processing CLI commands. This command parser has a feature that replaces an @ character followed by a file path in an argument with the file’s contents (expandAtFiles). This feature is enabled by default and Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable it. This allows attackers to read arbitrary files on the Jenkins controller file system using the default character encoding of the Jenkins controller process. * Attackers with Overall/Read permission can read entire files. * Attackers without Overall/Read permission can read the first few lines of files. The number of lines that can be read depends on available CLI commands. As of publication of this advisory, the Jenkins security team has found ways to read the first three lines of files in recent releases of Jenkins without having any plugins installed, and has not identified any plugins that would increase this line count. Binary files containing cryptographic keys used for various Jenkins features can also be read, with some limitations (see note on binary files below). As of publication, the Jenkins security team has confirmed the following possible attacks in addition to reading contents of all files with a known file path. All of them leverage attackers' ability to obtain cryptographic keys from binary files, and are therefore only applicable to instances where that is feasible.

There are no reported fixed by versions.

VCID-6925-fwf4-f7df
Aliases:
CVE-2023-27904
GHSA-rrgp-c2w8-6vg6

Generation of Error Message Containing Sensitive Information Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error stack trace on agent-related pages when agent connections are broken, potentially revealing information about Jenkins configuration that is otherwise inaccessible to attackers.

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T13:55:08.154303+00:00	RedHat Importer	Affected by	VCID-6925-fwf4-f7df	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27904.json	38.0.0
2026-04-01T13:55:07.870947+00:00	RedHat Importer	Affected by	VCID-432r-ukuw-4bgt	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27903.json	38.0.0
2026-04-01T13:50:29.129004+00:00	RedHat Importer	Affected by	VCID-26me-tpwn-7udz	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23898.json	38.0.0
2026-04-01T13:50:29.060687+00:00	RedHat Importer	Affected by	VCID-5jqb-k5g9-6bb4	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23897.json	38.0.0