Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Jenkins Project | Jenkins | affected |
|
No data.
No data.
OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.
| Vendors | Products |
|---|---|
|
Jenkins Project
Subscribe
|
Jenkins
Subscribe
|
No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Thu, 19 Mar 2026 09:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Jenkins Project
Jenkins Project jenkins |
|
| Vendors & Products |
Jenkins Project
Jenkins Project jenkins |
Wed, 18 Mar 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Jenkins 2.442 through 2.554 (both inclusive), LTS 2.426.3 through LTS 2.541.2 (both inclusive) performs origin validation of requests made through the CLI WebSocket endpoint by computing the expected origin for comparison using the Host or X-Forwarded-Host HTTP request headers, making it vulnerable to DNS rebinding attacks that allow bypassing origin validation. | |
| References |
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: jenkins
Published:
Updated: 2026-03-18T15:15:25.002Z
Reserved: 2026-03-17T15:04:07.616Z
Link: CVE-2026-33002
Vulnrichment
No data.
NVD
Status : Received
Published: 2026-03-18T16:16:28.187
Modified: 2026-03-18T16:16:28.187
Link: CVE-2026-33002
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-03-19T08:56:35Z
No weakness.