FAIL › dossier
Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.
| Date | Event | Sev | Flags | Shame | Summary |
|---|---|---|---|---|---|
| 2024-08-19 | CVE-2024-23897 | critical | ⚡RCE ⌖KEV | 95 | Jenkins Command Line Interface (CLI) contains a path traversal vulnerability that allows attackers limited read access to certain files, which can lead to code execution. |
| 2025-10-02 | CVE-2017-1000353 | high | ⚡RCE ⌖KEV | 65 | Jenkins contains a remote code execution vulnerability. This vulnerability that could allowed attackers to transfer a serialized Java SignedObject object to the remoting-based Jenkins CLI, that would be deserialized using a new ObjectInputStream, bypassing the existing blocklist- |
| 2025-10-02 | CVE-2017-1000353 | high | ⚡RCE ⌖KEV | 65 | Jenkins contains a remote code execution vulnerability. This vulnerability that could allowed attackers to transfer a serialized Java SignedObject object to the remoting-based Jenkins CLI, that would be deserialized using a new ObjectInputStream, bypassing the existing blocklist- |
| 2022-03-25 | CVE-2019-1003030 | high | ⚡RCE ⌖KEV | 65 | Jenkins Matrix Project plugin contains a vulnerability which can allow users to escape the sandbox, opening opportunity to perform remote code execution. |
| 2022-02-10 | CVE-2018-1000861 | high | ⚡RCE ⌖KEV | 65 | A code execution vulnerability exists in the Stapler web framework used by Jenkins |
| 2023-05-12 | CVE-2015-5317 | high | ⌖KEV | 50 | Jenkins User Interface (UI) contains an information disclosure vulnerability that allows users to see the names of jobs and builds otherwise inaccessible to them on the "Fingerprints" pages. |
| 2022-04-25 | CVE-2019-1003029 | high | ⌖KEV | 50 | Jenkins Script Security Plugin contains a protection mechanism failure, allowing an attacker to bypass the sandbox. |