Jenkins 2.185

CPE Details

Jenkins 2.185
jenkins
jenkins
2.185
2020-02-05
14h14 +00:00
2020-02-05
14h14 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:jenkins:jenkins:2.185:*:*:*:*:*:*:*

Informations

Vendor

jenkins

Product

jenkins

Version

2.185

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2022-2048 2022-07-07 18h35 +00:00 In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests.
7.5
Haute
CVE-2021-28165 2021-04-01 12h20 +00:00 In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.
7.5
Haute
CVE-2019-10384 2019-08-28 13h30 +00:00 Jenkins 2.191 and earlier, LTS 2.176.2 and earlier allowed users to obtain CSRF tokens without an associated web session ID, resulting in CSRF tokens that did not expire and could be used to bypass CSRF protection for the anonymous user.
8.8
Haute
CVE-2019-10383 2019-08-28 13h30 +00:00 A stored cross-site scripting vulnerability in Jenkins 2.191 and earlier, LTS 2.176.2 and earlier allowed attackers with Overall/Administer permission to configure the update site URL to inject arbitrary HTML and JavaScript in update center web pages.
4.8
Moyen