CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2026-33001
https://notcve.org/view.php?id=CVE-2026-33001
18 Mar 2026 — Jenkins 2.554 and earlier, LTS 2.541.2 and earlier does not safely handle symbolic links during the extraction of .tar and .tar.gz archives, allowing crafted archives to write files to arbitrary locations on the filesystem, restricted only by file system access permissions of the user running Jenkins. This can be exploited to deploy malicious scripts or plugins on the controller by attackers with Item/Configure permission, or able to control agent processes. Jenkins 2.554 y anteriores, LTS 2.541.2 y anterio... • https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-64145
https://notcve.org/view.php?id=CVE-2025-64145
29 Oct 2025 — Jenkins ByteGuard Build Actions Plugin 1.0 does not mask API tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them. • https://www.jenkins.io/security/advisory/2025-10-29/#SECURITY-3560 • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-64144
https://notcve.org/view.php?id=CVE-2025-64144
29 Oct 2025 — Jenkins ByteGuard Build Actions Plugin 1.0 stores API tokens unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission, or access to the Jenkins controller file system. • https://www.jenkins.io/security/advisory/2025-10-29/#SECURITY-3560 • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2025-59476
https://notcve.org/view.php?id=CVE-2025-59476
17 Sep 2025 — Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not restrict or transform the characters that can be inserted from user-specified content in log messages, allowing attackers able to control log message contents to insert line break characters, followed by forged log messages that may mislead administrators reviewing log output. • https://www.jenkins.io/security/advisory/2025-09-17/#SECURITY-3424 • CWE-117: Improper Output Neutralization for Logs •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2025-59475
https://notcve.org/view.php?id=CVE-2025-59475
17 Sep 2025 — Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not perform a permission check for the authenticated user profile dropdown menu, allowing attackers without Overall/Read permission to obtain limited information about the Jenkins configuration by listing available options in this menu (e.g., whether Credentials Plugin is installed). • https://www.jenkins.io/security/advisory/2025-09-17/#SECURITY-3625 • CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2025-59474
https://notcve.org/view.php?id=CVE-2025-59474
17 Sep 2025 — Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not perform a permission check in the sidepanel of a page intentionally accessible to users lacking Overall/Read permission, allowing attackers without Overall/Read permission to list agent names through its sidepanel executors widget. • https://www.jenkins.io/security/advisory/2025-09-17/#SECURITY-3594 • CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 94%CPEs: 2EXPL: 54CVE-2024-23897 – Jenkins Command Line Interface (CLI) Path Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2024-23897
24 Jan 2024 — Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system. Jenkins 2.441 y anteriores, LTS 2.426.2 y anteriores no desactivan una función de su analizador de comandos CLI que reemplaza un carácter '@' seguido de una ruta de archivo en un argumento con el contenido del arch... • https://packetstorm.news/files/id/178047 • CWE-27: Path Traversal: 'dir/../../filename' CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 7.8EPSS: 1%CPEs: 8EXPL: 1CVE-2023-36478 – HTTP/2 HPACK integer overflow and buffer allocation
https://notcve.org/view.php?id=CVE-2023-36478
10 Oct 2023 — Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. `MetaDataBuilder.java` determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded. However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and lengt... • http://www.openwall.com/lists/oss-security/2023/10/18/4 • CWE-190: Integer Overflow or Wraparound CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 94%CPEs: 444EXPL: 23CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
10 Oct 2023 — The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. ... • https://packetstorm.news/files/id/211124 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-43498
https://notcve.org/view.php?id=CVE-2023-43498
20 Sep 2023 — In Jenkins 2.423 and earlier, LTS 2.414.1 and earlier, processing file uploads using MultipartFormDataParser creates temporary files in the default system temporary directory with the default permissions for newly created files, potentially allowing attackers with access to the Jenkins controller file system to read and write the files before they are used. En Jenkins versión 2.423 y anteriores, LTS versión 2.414.1 y anteriores, el procesamiento de cargas de archivos utilizando MultipartFormDataParser crea ... • http://www.openwall.com/lists/oss-security/2023/09/20/5 • CWE-377: Insecure Temporary File •