Описание
Missing permission check in Jenkins Build Failure Analyzer Plugin
A missing permission check in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers with Overall/Read permission to have Jenkins evaluate a computationally expensive regular expression.
Пакеты
Наименование
com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer
maven
Затронутые версииВерсия исправления
< 1.24.2
1.24.2
Связанные уязвимости
CVSS3: 4.3
nvd
около 6 лет назад
A missing permission check in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers with Overall/Read permission to have Jenkins evaluate a computationally expensive regular expression.