Описание
A denial of service vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in CronTab.java that allows attackers with Overall/Read permission to have a request handling thread enter an infinite loop.
Отчет
Users of OpenShift Container Platform 3.x should upgrade to 3.11 to pick up a fix for this issue.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift Container Platform 3.10 | jenkins | Will not fix | ||
| Red Hat OpenShift Container Platform 3.11 | jenkins | Not affected | ||
| Red Hat OpenShift Container Platform 3.2 | jenkins | Will not fix | ||
| Red Hat OpenShift Container Platform 3.3 | jenkins | Will not fix | ||
| Red Hat OpenShift Container Platform 3.4 | jenkins | Will not fix | ||
| Red Hat OpenShift Container Platform 3.5 | jenkins | Will not fix | ||
| Red Hat OpenShift Container Platform 3.6 | jenkins | Will not fix | ||
| Red Hat OpenShift Container Platform 3.7 | jenkins | Will not fix | ||
| Red Hat OpenShift Container Platform 3.9 | jenkins | Will not fix | ||
| Red Hat OpenShift Enterprise 3.1 | jenkins | Will not fix |
Показывать по
Дополнительная информация
Статус:
EPSS
4.3 Medium
CVSS3
Связанные уязвимости
A denial of service vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in CronTab.java that allows attackers with Overall/Read permission to have a request handling thread enter an infinite loop.
A denial of service vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in CronTab.java that allows attackers with Overall/Read permission to have a request handling thread enter an infinite loop.
A denial of service vulnerability exists in Jenkins 2.137 and earlier, ...
EPSS
4.3 Medium
CVSS3