Описание
Jenkins 2.73.1 and earlier, 2.83 and earlier bundled a version of the commons-fileupload library with the denial-of-service vulnerability known as CVE-2016-3092. The fix for that vulnerability has been backported to the version of the library bundled with Jenkins.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift Enterprise 3 | jenkins | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Important
Дефект:
CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=1501813jenkins: Jenkins core bundled vulnerable version of the commons-fileupload library (SECURITY-490)
7.5 High
CVSS3
Связанные уязвимости
CVSS3: 7.5
nvd
около 8 лет назад
Jenkins 2.73.1 and earlier, 2.83 and earlier bundled a version of the commons-fileupload library with the denial-of-service vulnerability known as CVE-2016-3092. The fix for that vulnerability has been backported to the version of the library bundled with Jenkins.
CVSS3: 7.5
debian
около 8 лет назад
Jenkins 2.73.1 and earlier, 2.83 and earlier bundled a version of the ...
7.5 High
CVSS3