Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."
References
Link | Resource |
---|---|
https://access.redhat.com/security/cve/cve-2012-0785 | Broken Link |
http://www.openwall.com/lists/oss-security/2012/01/20/8 | Mailing List Third Party Advisory |
https://security-tracker.debian.org/tracker/CVE-2012-0785 | Third Party Advisory |
https://jenkins.io/security/advisory/2012-01-12/ | Vendor Advisory |
https://www.cloudbees.com/jenkins-security-advisory-2012-01-12 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2020-02-24 09:15
Updated : 2020-03-04 09:31
NVD link : CVE-2012-0785
Mitre link : CVE-2012-0785
JSON object : View
CWE
CWE-400
Uncontrolled Resource Consumption
Products Affected
cloudbees
- jenkins
jenkins
- jenkins