Описание
Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to execute arbitrary code via a crafted packet to the CLI channel.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| OpenShift Enterprise 1 | jenkins | Under investigation | ||
| Red Hat OpenShift Enterprise 2.1 | jenkins | Fixed | RHBA-2014:1630 | 14.10.2014 |
| Red Hat OpenShift Enterprise 2.1 | jenkins-plugin-openshift | Fixed | RHBA-2014:1630 | 14.10.2014 |
| Red Hat OpenShift Enterprise 2.1 | openshift-origin-cartridge-jenkins | Fixed | RHBA-2014:1630 | 14.10.2014 |
| Red Hat OpenShift Enterprise 3.1 | atomic-openshift | Fixed | RHSA-2016:0070 | 26.01.2016 |
| Red Hat OpenShift Enterprise 3.1 | heapster | Fixed | RHSA-2016:0070 | 26.01.2016 |
| Red Hat OpenShift Enterprise 3.1 | jenkins | Fixed | RHSA-2016:0070 | 26.01.2016 |
| Red Hat OpenShift Enterprise 3.1 | nodejs-align-text | Fixed | RHSA-2016:0070 | 26.01.2016 |
| Red Hat OpenShift Enterprise 3.1 | nodejs-ansi-green | Fixed | RHSA-2016:0070 | 26.01.2016 |
| Red Hat OpenShift Enterprise 3.1 | nodejs-ansi-wrap | Fixed | RHSA-2016:0070 | 26.01.2016 |
Показывать по
10
Дополнительная информация
Статус:
Important
https://bugzilla.redhat.com/show_bug.cgi?id=1147769jenkins: remote code execution flaw (SECURITY-150)
EPSS
Процентиль: 79%
0.01213
Низкий
6.8 Medium
CVSS2
Связанные уязвимости
ubuntu
больше 11 лет назад
Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to execute arbitrary code via a crafted packet to the CLI channel.
nvd
больше 11 лет назад
Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to execute arbitrary code via a crafted packet to the CLI channel.
debian
больше 11 лет назад
Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to ...
github
больше 3 лет назад
Jenkins allows for Code Execution via Crafted Packet to the CLI
EPSS
Процентиль: 79%
0.01213
Низкий
6.8 Medium
CVSS2