CVE Tracker

CVE ID	Severity	EPSS	Vendor	Description	Date	Status
CVE-2017-1000353	High 9.8	94.5%	JenkinsJenkins	Jenkins contains a remote code execution vulnerability. This vulnerability that could allowed attackers to transfer a serialized Java SignedObject object to the remoting-based Jenkins CLI, that would be deserialized using a new ObjectInputStream, bypassing the existing blocklist-based protection mechanism.	Oct 2, 2025	KEVExploit
CVE-2024-23897	High	94.5%	JenkinsJenkins Command Line Interface (CLI)	Jenkins Command Line Interface (CLI) contains a path traversal vulnerability that allows attackers limited read access to certain files, which can lead to code execution.	Aug 19, 2024	KEV
CVE-2015-5317	High	27.4%	JenkinsJenkins User Interface (UI)	Jenkins User Interface (UI) contains an information disclosure vulnerability that allows users to see the names of jobs and builds otherwise inaccessible to them on the "Fingerprints" pages.	May 12, 2023	KEV
CVE-2019-1003029	High	92.6%	JenkinsScript Security Plugin	Jenkins Script Security Plugin contains a protection mechanism failure, allowing an attacker to bypass the sandbox.	Apr 25, 2022	KEV
CVE-2019-1003030	High	93.1%	JenkinsMatrix Project Plugin	Jenkins Matrix Project plugin contains a vulnerability which can allow users to escape the sandbox, opening opportunity to perform remote code execution.	Mar 25, 2022	KEV
CVE-2018-1000861	High 9.8	94.5%	JenkinsJenkins Stapler Web Framework	A code execution vulnerability exists in the Stapler web framework used by Jenkins	Feb 10, 2022	KEV

CVE-2017-1000353KEV

High

Jenkins contains a remote code execution vulnerability. This vulnerability that could allowed attackers to transfer a serialized Java SignedObject object to the remoting-based Jenkins CLI, that would be deserialized using a new ObjectInputStream, bypassing the existing blocklist-based protection mechanism.

JenkinsCVSS 9.8EPSS 94.5%

Exploit

CVE-2024-23897KEV

High

Jenkins Command Line Interface (CLI) contains a path traversal vulnerability that allows attackers limited read access to certain files, which can lead to code execution.

JenkinsEPSS 94.5%

CVE-2015-5317KEV

High

Jenkins User Interface (UI) contains an information disclosure vulnerability that allows users to see the names of jobs and builds otherwise inaccessible to them on the "Fingerprints" pages.

JenkinsEPSS 27.4%

CVE-2019-1003029KEV

High

Jenkins Script Security Plugin contains a protection mechanism failure, allowing an attacker to bypass the sandbox.

JenkinsEPSS 92.6%

CVE-2019-1003030KEV

High

Jenkins Matrix Project plugin contains a vulnerability which can allow users to escape the sandbox, opening opportunity to perform remote code execution.

JenkinsEPSS 93.1%

CVE-2018-1000861KEV

High

A code execution vulnerability exists in the Stapler web framework used by Jenkins

JenkinsCVSS 9.8EPSS 94.5%