Описание
Jenkins before versions 2.44, 2.32.2 is vulnerable to a user data leak in disconnected agents' config.xml API. This could leak sensitive data such as API tokens (SECURITY-362).
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift Enterprise 2 | jenkins | Will not fix | ||
| Red Hat OpenShift Enterprise 3 | jenkins | Will not fix |
Показывать по
10
Дополнительная информация
Статус:
Low
Дефект:
CWE-325
https://bugzilla.redhat.com/show_bug.cgi?id=1418713jenkins: User data leak in disconnected agents' config.xml API (SECURITY-362)
EPSS
Процентиль: 6%
0.00023
Низкий
2.6 Low
CVSS3
Связанные уязвимости
CVSS3: 2.6
ubuntu
больше 7 лет назад
Jenkins before versions 2.44, 2.32.2 is vulnerable to a user data leak in disconnected agents' config.xml API. This could leak sensitive data such as API tokens (SECURITY-362).
CVSS3: 2.6
nvd
больше 7 лет назад
Jenkins before versions 2.44, 2.32.2 is vulnerable to a user data leak in disconnected agents' config.xml API. This could leak sensitive data such as API tokens (SECURITY-362).
CVSS3: 2.6
debian
больше 7 лет назад
Jenkins before versions 2.44, 2.32.2 is vulnerable to a user data leak ...
CVSS3: 3.5
github
больше 3 лет назад
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
EPSS
Процентиль: 6%
0.00023
Низкий
2.6 Low
CVSS3