Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1meHFyLXB4Mm0tZnZjMs4AAdTV
Jenkins Exposure of Sensitive Information to an Unauthorized Actor vulnerability
Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to enumerate user names via vectors related to login attempts.
Permalink: https://github.com/advisories/GHSA-fxqr-px2m-fvc2JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1meHFyLXB4Mm0tZnZjMs4AAdTV
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: over 2 years ago
Updated: almost 2 years ago
Identifiers: GHSA-fxqr-px2m-fvc2, CVE-2014-3662
References:
- https://nvd.nist.gov/vuln/detail/CVE-2014-3662
- https://access.redhat.com/errata/RHSA-2016:0070
- https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01
- https://access.redhat.com/errata/RHBA-2014:1630
- https://access.redhat.com/security/cve/CVE-2014-3662
- https://bugzilla.redhat.com/show_bug.cgi?id=1147759
- https://github.com/advisories/GHSA-fxqr-px2m-fvc2
Affected Packages
maven:org.jenkins-ci.main:jenkins-core
Affected Version Ranges: < 1.565.3, >= 1.566, < 1.583Fixed in: 1.565.3, 1.583