CVE-2015-1808

Опубликовано: 27 фев. 2015

Источник: redhat

CVSS2: 3.5

EPSS Низкий

Описание

Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users to cause a denial of service (improper plug-in and tool installation) via crafted update center data.

A denial of service flaw was found in the way Jenkins handled certain update center data. An authenticated user could provide specially crafted update center data to Jenkins, causing plug-in and tool installation to not work properly.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-20

https://bugzilla.redhat.com/show_bug.cgi?id=1205623jenkins: update center metadata retrieval DoS attack (SECURITY-163)

EPSS

Процентиль: 39%

0.00175

Низкий

3.5 Low

CVSS2

Связанные уязвимости

CVE-2015-1808

ubuntu

больше 10 лет назад

Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users to cause a denial of service (improper plug-in and tool installation) via crafted update center data.

CVE-2015-1808

nvd

больше 10 лет назад

Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users to cause a denial of service (improper plug-in and tool installation) via crafted update center data.

CVE-2015-1808

debian

больше 10 лет назад

Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticate ...

GHSA-3rwx-3vwh-mwxc

github

больше 3 лет назад

Jenkins Vulnerable to Denial of Service (DoS)

EPSS

Процентиль: 39%

0.00175

Низкий

3.5 Low

CVSS2