Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Jenkins Enterprise by CloudBees by Jenkins project

    CVE-2012-0785 (GCVE-0-2012-0785)

    Vulnerability from nvd – Published: 2020-02-24 16:54 – Updated: 2024-08-06 18:38
    VLAI
    Summary
    Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."
    Severity
    No CVSS data available.
    CWE
    • and hash collision attack
    Assigner
    Impacted products
    Vendor Product Version
    Jenkins project Jenkins Affected: before 1.447
    Create a notification for this product.
    Jenkins project Jenkins LTS Affected: before 1.424.2
    Create a notification for this product.
    Jenkins project Jenkins Enterprise by CloudBees Affected: 1.424.x before 1.424.2.1
    Affected: 1.400.x before 1.400.0.11
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T18:38:14.308Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "[oss-security] 20120119 Re: CVE request: Jenkins",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2012/01/20/8"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-tracker.debian.org/tracker/CVE-2012-0785"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/cve-2012-0785"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://jenkins.io/security/advisory/2012-01-12/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cloudbees.com/jenkins-security-advisory-2012-01-12"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Jenkins",
              "vendor": "Jenkins project",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.447"
                }
              ]
            },
            {
              "product": "Jenkins LTS",
              "vendor": "Jenkins project",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.424.2"
                }
              ]
            },
            {
              "product": "Jenkins Enterprise by CloudBees",
              "vendor": "Jenkins project",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.424.x before 1.424.2.1"
                },
                {
                  "status": "affected",
                  "version": "1.400.x before 1.400.0.11"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka \"the Hash DoS attack.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "and hash collision attack",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-24T16:54:05.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "[oss-security] 20120119 Re: CVE request: Jenkins",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2012/01/20/8"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-tracker.debian.org/tracker/CVE-2012-0785"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://access.redhat.com/security/cve/cve-2012-0785"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://jenkins.io/security/advisory/2012-01-12/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cloudbees.com/jenkins-security-advisory-2012-01-12"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2012-0785",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Jenkins",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.447"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Jenkins LTS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.424.2"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Jenkins Enterprise by CloudBees",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.424.x before 1.424.2.1"
                              },
                              {
                                "version_value": "1.400.x before 1.400.0.11"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Jenkins project"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka \"the Hash DoS attack.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "and hash collision attack"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "[oss-security] 20120119 Re: CVE request: Jenkins",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2012/01/20/8"
                },
                {
                  "name": "https://security-tracker.debian.org/tracker/CVE-2012-0785",
                  "refsource": "MISC",
                  "url": "https://security-tracker.debian.org/tracker/CVE-2012-0785"
                },
                {
                  "name": "https://access.redhat.com/security/cve/cve-2012-0785",
                  "refsource": "MISC",
                  "url": "https://access.redhat.com/security/cve/cve-2012-0785"
                },
                {
                  "name": "https://jenkins.io/security/advisory/2012-01-12/",
                  "refsource": "CONFIRM",
                  "url": "https://jenkins.io/security/advisory/2012-01-12/"
                },
                {
                  "name": "https://www.cloudbees.com/jenkins-security-advisory-2012-01-12",
                  "refsource": "CONFIRM",
                  "url": "https://www.cloudbees.com/jenkins-security-advisory-2012-01-12"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-0785",
        "datePublished": "2020-02-24T16:54:05.000Z",
        "dateReserved": "2012-01-19T00:00:00.000Z",
        "dateUpdated": "2024-08-06T18:38:14.308Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-0785 (GCVE-0-2012-0785)

    Vulnerability from cvelistv5 – Published: 2020-02-24 16:54 – Updated: 2024-08-06 18:38
    VLAI
    Summary
    Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."
    Severity
    No CVSS data available.
    CWE
    • and hash collision attack
    Assigner
    Impacted products
    Vendor Product Version
    Jenkins project Jenkins Affected: before 1.447
    Create a notification for this product.
    Jenkins project Jenkins LTS Affected: before 1.424.2
    Create a notification for this product.
    Jenkins project Jenkins Enterprise by CloudBees Affected: 1.424.x before 1.424.2.1
    Affected: 1.400.x before 1.400.0.11
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T18:38:14.308Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "[oss-security] 20120119 Re: CVE request: Jenkins",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2012/01/20/8"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-tracker.debian.org/tracker/CVE-2012-0785"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/cve-2012-0785"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://jenkins.io/security/advisory/2012-01-12/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cloudbees.com/jenkins-security-advisory-2012-01-12"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Jenkins",
              "vendor": "Jenkins project",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.447"
                }
              ]
            },
            {
              "product": "Jenkins LTS",
              "vendor": "Jenkins project",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.424.2"
                }
              ]
            },
            {
              "product": "Jenkins Enterprise by CloudBees",
              "vendor": "Jenkins project",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.424.x before 1.424.2.1"
                },
                {
                  "status": "affected",
                  "version": "1.400.x before 1.400.0.11"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka \"the Hash DoS attack.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "and hash collision attack",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-24T16:54:05.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "[oss-security] 20120119 Re: CVE request: Jenkins",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2012/01/20/8"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-tracker.debian.org/tracker/CVE-2012-0785"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://access.redhat.com/security/cve/cve-2012-0785"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://jenkins.io/security/advisory/2012-01-12/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cloudbees.com/jenkins-security-advisory-2012-01-12"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2012-0785",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Jenkins",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.447"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Jenkins LTS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.424.2"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Jenkins Enterprise by CloudBees",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.424.x before 1.424.2.1"
                              },
                              {
                                "version_value": "1.400.x before 1.400.0.11"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Jenkins project"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka \"the Hash DoS attack.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "and hash collision attack"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "[oss-security] 20120119 Re: CVE request: Jenkins",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2012/01/20/8"
                },
                {
                  "name": "https://security-tracker.debian.org/tracker/CVE-2012-0785",
                  "refsource": "MISC",
                  "url": "https://security-tracker.debian.org/tracker/CVE-2012-0785"
                },
                {
                  "name": "https://access.redhat.com/security/cve/cve-2012-0785",
                  "refsource": "MISC",
                  "url": "https://access.redhat.com/security/cve/cve-2012-0785"
                },
                {
                  "name": "https://jenkins.io/security/advisory/2012-01-12/",
                  "refsource": "CONFIRM",
                  "url": "https://jenkins.io/security/advisory/2012-01-12/"
                },
                {
                  "name": "https://www.cloudbees.com/jenkins-security-advisory-2012-01-12",
                  "refsource": "CONFIRM",
                  "url": "https://www.cloudbees.com/jenkins-security-advisory-2012-01-12"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-0785",
        "datePublished": "2020-02-24T16:54:05.000Z",
        "dateReserved": "2012-01-19T00:00:00.000Z",
        "dateUpdated": "2024-08-06T18:38:14.308Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }