GHSA-8p3c-m625-wh83

Published: May 14, 2022
Source: github
Github: Reviewed
CVSS3: 6.1

Description

Jenkins has CRLF Injection Vulnerability in the CLI

CRLF injection vulnerability in the CLI command documentation in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Packages

Name: org.jenkins-ci.main:jenkins-core (maven)
Affected versions: >= 1.643, < 1.650
Fixed version: 1.650

Name: org.jenkins-ci.main:jenkins-core (maven)
Affected versions: < 1.642.2
Fixed version: 1.642.2

EPSS

Percentile: 35%
0.00148
Low

CVSS3: 6.1 Medium

Weaknesses

CWE-113
CWE-20

Related vulnerabilities

CVSS3: 6.1
ubuntu
almost 10 years ago

CRLF injection vulnerability in the CLI command documentation in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

redhat
almost 10 years ago

CRLF injection vulnerability in the CLI command documentation in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

CVSS3: 6.1
nvd
almost 10 years ago

CRLF injection vulnerability in the CLI command documentation in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

CVSS3: 6.1
debian
almost 10 years ago

CRLF injection vulnerability in the CLI command documentation in Jenki ...
