Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS1meHFyLXB4Mm0tZnZjMs4AAdTV

Jenkins Exposure of Sensitive Information to an Unauthorized Actor vulnerability

Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to enumerate user names via vectors related to login attempts.

Permalink: https://github.com/advisories/GHSA-fxqr-px2m-fvc2
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1meHFyLXB4Mm0tZnZjMs4AAdTV
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: over 2 years ago
Updated: almost 2 years ago


Identifiers: GHSA-fxqr-px2m-fvc2, CVE-2014-3662
References: Blast Radius: 1.0

Affected Packages

maven:org.jenkins-ci.main:jenkins-core
Affected Version Ranges: < 1.565.3, >= 1.566, < 1.583
Fixed in: 1.565.3, 1.583