GHSA-2hhc-f86x-x74f

Published: 24 May 2022
Source: github
Github: Reviewed
CVSS3: 6.5

Description

Inefficient Regular Expression Complexity in Jenkins Build Failure Analyzer Plugin

A user-supplied regular expression in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier was processed in a way that wasn't interruptible, allowing attackers to have Jenkins evaluate a regular expression without the ability to interrupt this process.

Packages

Name: com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer (maven)
Affected versions: < 1.24.2
Fixed version: 1.24.2

EPSS

Percentile: 32%
0.00125
Low

6.5 Medium

CVSS3

Weaknesses

CWE-1333
CWE-400

Related vulnerabilities

CVSS3: 6.5
nvd
about 6 years ago

A user-supplied regular expression in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier was processed in a way that wasn't interruptible, allowing attackers to have Jenkins evaluate a regular expression without the ability to interrupt this process.
