Search criteria
2 vulnerabilities found for Jenkins LTS by Jenkins project
CVE-2012-0785 (GCVE-0-2012-0785)
Vulnerability from cvelistv5 – Published: 2020-02-24 16:54 – Updated: 2024-08-06 18:38
VLAI?
Summary
Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."
Severity ?
No CVSS data available.
CWE
- and hash collision attack
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Jenkins project | Jenkins |
Affected:
before 1.447
|
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:38:14.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20120119 Re: CVE request: Jenkins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/20/8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-0785"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2012-0785"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2012-01-12/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.cloudbees.com/jenkins-security-advisory-2012-01-12"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "before 1.447"
}
]
},
{
"product": "Jenkins LTS",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "before 1.424.2"
}
]
},
{
"product": "Jenkins Enterprise by CloudBees",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "1.424.x before 1.424.2.1"
},
{
"status": "affected",
"version": "1.400.x before 1.400.0.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka \"the Hash DoS attack.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "and hash collision attack",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-24T16:54:05",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20120119 Re: CVE request: Jenkins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/20/8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-0785"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2012-0785"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2012-01-12/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.cloudbees.com/jenkins-security-advisory-2012-01-12"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0785",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "before 1.447"
}
]
}
},
{
"product_name": "Jenkins LTS",
"version": {
"version_data": [
{
"version_value": "before 1.424.2"
}
]
}
},
{
"product_name": "Jenkins Enterprise by CloudBees",
"version": {
"version_data": [
{
"version_value": "1.424.x before 1.424.2.1"
},
{
"version_value": "1.400.x before 1.400.0.11"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka \"the Hash DoS attack.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "and hash collision attack"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120119 Re: CVE request: Jenkins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/01/20/8"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2012-0785",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2012-0785"
},
{
"name": "https://access.redhat.com/security/cve/cve-2012-0785",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/cve-2012-0785"
},
{
"name": "https://jenkins.io/security/advisory/2012-01-12/",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2012-01-12/"
},
{
"name": "https://www.cloudbees.com/jenkins-security-advisory-2012-01-12",
"refsource": "CONFIRM",
"url": "https://www.cloudbees.com/jenkins-security-advisory-2012-01-12"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0785",
"datePublished": "2020-02-24T16:54:05",
"dateReserved": "2012-01-19T00:00:00",
"dateUpdated": "2024-08-06T18:38:14.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0785 (GCVE-0-2012-0785)
Vulnerability from nvd – Published: 2020-02-24 16:54 – Updated: 2024-08-06 18:38
VLAI?
Summary
Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."
Severity ?
No CVSS data available.
CWE
- and hash collision attack
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Jenkins project | Jenkins |
Affected:
before 1.447
|
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:38:14.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20120119 Re: CVE request: Jenkins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/20/8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-0785"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2012-0785"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2012-01-12/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.cloudbees.com/jenkins-security-advisory-2012-01-12"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "before 1.447"
}
]
},
{
"product": "Jenkins LTS",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "before 1.424.2"
}
]
},
{
"product": "Jenkins Enterprise by CloudBees",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "1.424.x before 1.424.2.1"
},
{
"status": "affected",
"version": "1.400.x before 1.400.0.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka \"the Hash DoS attack.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "and hash collision attack",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-24T16:54:05",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20120119 Re: CVE request: Jenkins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/20/8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-0785"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2012-0785"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2012-01-12/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.cloudbees.com/jenkins-security-advisory-2012-01-12"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0785",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "before 1.447"
}
]
}
},
{
"product_name": "Jenkins LTS",
"version": {
"version_data": [
{
"version_value": "before 1.424.2"
}
]
}
},
{
"product_name": "Jenkins Enterprise by CloudBees",
"version": {
"version_data": [
{
"version_value": "1.424.x before 1.424.2.1"
},
{
"version_value": "1.400.x before 1.400.0.11"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka \"the Hash DoS attack.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "and hash collision attack"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120119 Re: CVE request: Jenkins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/01/20/8"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2012-0785",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2012-0785"
},
{
"name": "https://access.redhat.com/security/cve/cve-2012-0785",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/cve-2012-0785"
},
{
"name": "https://jenkins.io/security/advisory/2012-01-12/",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2012-01-12/"
},
{
"name": "https://www.cloudbees.com/jenkins-security-advisory-2012-01-12",
"refsource": "CONFIRM",
"url": "https://www.cloudbees.com/jenkins-security-advisory-2012-01-12"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0785",
"datePublished": "2020-02-24T16:54:05",
"dateReserved": "2012-01-19T00:00:00",
"dateUpdated": "2024-08-06T18:38:14.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}