CVE-2012-0785
7.5HIGHHash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote a
Опубликовано: 2/24/2020Обновлено: 11/21/2024
Описание
Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."
ИИ-АнализНа базе ИИ
Затронутые продукты
cloudbeesjenkins
cloudbeesjenkins
jenkinsjenkins
jenkinsjenkins
Ссылки
- http://www.openwall.com/lists/oss-security/2012/01/20/8Mailing ListThird Party Advisory
- https://access.redhat.com/security/cve/cve-2012-0785Broken Link
- https://jenkins.io/security/advisory/2012-01-12/Vendor Advisory
- https://security-tracker.debian.org/tracker/CVE-2012-0785Third Party Advisory
- https://www.cloudbees.com/jenkins-security-advisory-2012-01-12Third Party Advisory
- http://www.openwall.com/lists/oss-security/2012/01/20/8Mailing ListThird Party Advisory
- https://access.redhat.com/security/cve/cve-2012-0785Broken Link
- https://jenkins.io/security/advisory/2012-01-12/Vendor Advisory
- https://security-tracker.debian.org/tracker/CVE-2012-0785Third Party Advisory
- https://www.cloudbees.com/jenkins-security-advisory-2012-01-12Third Party Advisory