Описание
Information disclosure through error stack traces related to agents
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier, and prior to LTS 2.387.1 prints an error stack trace on agent-related pages when agent connections are broken, potentially revealing information about Jenkins configuration that is otherwise inaccessible to attackers.
Jenkins 2.394, LTS 2.375.4, and LTS 2.387.1 does not display error stack traces when agent connections are broken.
Пакеты
org.jenkins-ci.main:jenkins-core
>= 2.376, < 2.387.1
2.387.1
org.jenkins-ci.main:jenkins-core
< 2.375.4
2.375.4
org.jenkins-ci.main:jenkins-core
>= 2.388, < 2.394
2.394
Связанные уязвимости
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error stack trace on agent-related pages when agent connections are broken, potentially revealing information about Jenkins configuration that is otherwise inaccessible to attackers.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error stack trace on agent-related pages when agent connections are broken, potentially revealing information about Jenkins configuration that is otherwise inaccessible to attackers.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error sta ...