FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

jenkins -- multiple vulnerabilities

Affected packages
	jenkins	<	2.555
	jenkins-lts	<	2.541.3

Details

VuXML ID	970fd0ec-26f5-11f1-a9b1-0cc47ada5f32
Discovery	2026-03-18
Entry	2026-03-27

Jenkins Security Advisory 2026-03-18:

SECURITY-3657 / CVE-2026-33001: Arbitrary file write vulnerability through specially crafted archives in Jenkins (High)

SECURITY-3674 / CVE-2026-33002: DNS rebinding vulnerability in WebSocket CLI origin validation in Jenkins (High)

[source]

References

CVE Name	CVE-2026-33001
CVE Name	CVE-2026-33002
URL	https://www.jenkins.io/security/advisory/2026-03-18/