
16 matches found

OSV
added 2026/06/12 8:43 a.m. · 7 views

BIT-JENKINS-2026-53439

Missing permission checks in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allow attackers with Overall/Read permission to determine other users' configured timezone and to enumerate view names of other users' "My Views"...

CVSS 4.3 · AI score 5.4 · EPSS 0.00234
Exploits 0 · References 2
RedhatCVE
added 2026/06/11 6:14 p.m. · 9 views

CVE-2026-53439

A flaw was found in Jenkins. Missing permission checks allow an attacker with Overall/Read permission to determine other users' configured timezone. This vulnerability also enables the attacker to enumerate the view names of other users' "My Views", leading to information disclosure. Mitigation...

CVSS 4.3 · AI score 5.1 · EPSS 0.00234
Exploits 0 · References 4
NVD
added 2026/06/10 2:16 p.m. · 9 views

CVE-2026-53439

Missing permission checks in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allow attackers with Overall/Read permission to determine other users' configured timezone and to enumerate view names of other users' "My Views"...

CVSS 4.3 · EPSS 0.00234
Exploits 0 · References 1
Vulnrichment
added 2026/06/10 1:6 p.m. · 6 views

CVE-2026-53439

Missing permission checks in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allow attackers with Overall/Read permission to determine other users' configured timezone and to enumerate view names of other users' "My Views"...

AI score 5.5 · EPSS 0.00234
Exploits 0 · References 1
AlpineLinux
added 2026/06/10 1:6 p.m. · 8 views

CVE-2026-53439

Missing permission checks in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allow attackers with Overall/Read permission to determine other users' configured timezone and to enumerate view names of other users' "My Views"...

CVSS 4.3 · AI score 5.5 · EPSS 0.00234
Exploits 0 · References 1
Cvelist
added 2026/06/10 1:6 p.m. · 36 views

CVE-2026-53439

Missing permission checks in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allow attackers with Overall/Read permission to determine other users' configured timezone and to enumerate view names of other users' "My Views"...

EPSS 0.00234
Exploits 0 · References 1
EUVD
added 2026/06/10 1:6 p.m. · 8 views

EUVD-2026-36023

Missing permission checks in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allow attackers with Overall/Read permission to determine other users' configured timezone and to enumerate view names of other users' "My Views"...

CVSS 4.3 · AI score 5.5 · EPSS 0.00234
Exploits 0 · References 1
CVE
added 2026/06/10 1:6 p.m. · 22 views

CVE-2026-53439

CVE-2026-53439: In Jenkins 2.567 and earlier, and LTS 2.555.2 and earlier, missing permission checks allow users with Overall/Read to determine other users’ configured timezone and to enumerate other users’ My Views. The CVSS v3.1 base score is 4.3 (Medium; AV N, AC L, PR L, UI N, S U, C L, I N,...

CVSS 4.3 · AI score 5.5 · EPSS 0.00234
Exploits 0 · References 1 · Affected Software 1
Positive Technologies
added 2026/06/10 12:0 a.m. · 10 views

PT-2026-48424

Name of the Vulnerable Software and Affected Versions Jenkins versions prior to 2.567 Jenkins LTS versions prior to 2.555.2 Description Missing permission checks allow attackers with Overall/Read permission to determine the configured timezone of other users and enumerate view names within other...

CVSS 4.3 · AI score 5.2 · EPSS 0.00234
Exploits 0 · References 5
CNNVD
added 2026/06/10 12:0 a.m. · 12 views

Jenkins security vulnerability

Jenkins is an open-source application developed by Jenkins Project. The open-source automation server Jenkins offers hundreds of plugins to support building, deploying, and automating any project. Jenkins versions 2.567 and earlier, as well as LTS 2.555.2 and earlier, have security vulnerabilitie...

CVSS 4.3 · AI score 5.3 · EPSS 0.00234
Exploits 0 · References 1
OSV
added 2024/08/09 7:22 a.m. · 17 views

BIT-JENKINS-2024-43045

Jenkins LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views"...

CVSS 6.3 · AI score 5.8 · EPSS 0.04263
Exploits 0 · References 2
Veracode
added 2024/08/08 10:55 a.m. · 14 views

Improper Access Control

org.jenkins-ci.main, jenkins-core is vulnerable to Improper Access Control. The vulnerability is caused due to a missing permission check in an HTTP end point. This allows attackers with Overall/Read permission to access other users' "My Views" and attackers with global View/Configure and...

CVSS 6.3 · AI score 6.5 · EPSS 0.04263
Exploits 0 · References 5 · Affected Software 1
OSV
added 2024/08/07 3:30 p.m. · 1 views

GHSA-8PV9-QH96-9HC6 Jenkins does not perform a permission check in an HTTP endpoint

Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to access other users' "My Views". Attackers with global View/Configure and View/Delete permissions are also able to change other users' "...

CVSS 5.4 · AI score 5.9 · EPSS 0.04263
Exploits 0 · References 6
NVD
added 2024/08/07 2:15 p.m. · 29 views

CVE-2024-43045

Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views"...

CVSS 6.3 · EPSS 0.04263
Exploits 0 · References 1
CNNVD
added 2024/08/07 12:0 a.m. · 4 views

Jenkins security vulnerability

Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins 2.470 and earlier and LTS 2.452.3 and earlier, which stems from a failure to...

CVSS 6.3 · AI score 6.4 · EPSS 0.04263
Exploits 0 · References 3
Positive Technologies
added 2024/08/07 12:0 a.m. · 9 views

PT-2024-30269 · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.470 and earlier Jenkins LTS versions 2.452.3 and earlier Description: The issue arises from a lack of permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views"...

CVSS 8.8 · AI score 7.9 · EPSS 0.28782
Exploits 4 · References 15