Описание
Cross-site scripting (XSS) vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| OpenShift Enterprise 1 | jenkins | Will not fix | ||
| Red Hat OpenShift Enterprise 2.1 | jenkins | Fixed | RHBA-2014:1630 | 14.10.2014 |
| Red Hat OpenShift Enterprise 2.1 | jenkins-plugin-openshift | Fixed | RHBA-2014:1630 | 14.10.2014 |
| Red Hat OpenShift Enterprise 2.1 | openshift-origin-cartridge-jenkins | Fixed | RHBA-2014:1630 | 14.10.2014 |
| Red Hat OpenShift Enterprise 3.1 | atomic-openshift | Fixed | RHSA-2016:0070 | 26.01.2016 |
| Red Hat OpenShift Enterprise 3.1 | heapster | Fixed | RHSA-2016:0070 | 26.01.2016 |
| Red Hat OpenShift Enterprise 3.1 | jenkins | Fixed | RHSA-2016:0070 | 26.01.2016 |
| Red Hat OpenShift Enterprise 3.1 | nodejs-align-text | Fixed | RHSA-2016:0070 | 26.01.2016 |
| Red Hat OpenShift Enterprise 3.1 | nodejs-ansi-green | Fixed | RHSA-2016:0070 | 26.01.2016 |
| Red Hat OpenShift Enterprise 3.1 | nodejs-ansi-wrap | Fixed | RHSA-2016:0070 | 26.01.2016 |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-79
https://bugzilla.redhat.com/show_bug.cgi?id=1147766jenkins: cross-site scripting flaw in Jenkins core (SECURITY-143)
EPSS
Процентиль: 48%
0.00249
Низкий
4.3 Medium
CVSS2
Связанные уязвимости
ubuntu
больше 11 лет назад
Cross-site scripting (XSS) vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
больше 11 лет назад
Cross-site scripting (XSS) vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
debian
больше 11 лет назад
Cross-site scripting (XSS) vulnerability in Jenkins before 1.583 and L ...
EPSS
Процентиль: 48%
0.00249
Низкий
4.3 Medium
CVSS2