Lucene search
GoogleOSV:GHSA-99HJ-PPG3-2XWCHistoryMay 14, 2022 - 1:04 a.m.
Cross-Site Request Forgery in Jenkins
2022-05-1401:04:36
Google
osv.dev
9
jenkins
race condition
csrf
EPSS
0.001
Percentile
44.7%
A race condition during Jenkins 2.94 and earlier; 2.89.1 and earlier startup could result in the wrong order of execution of commands during initialization. There is a very short window of time after startup during which Jenkins may no longer show the ‘Please wait while Jenkins is getting ready to work’ message but Cross-Site Request Forgery (CSRF) protection may not yet be effective.
Related
osv
osv
CVE-2017-1000504
2018-01-24 23:29:00
prion
prion
Race condition
2018-01-24 23:29:00
redhatcve
redhatcve
CVE-2017-1000504
2018-01-29 02:20:03
openvas
openvas
Jenkins CSRF Protection Delay Vulnerability - Linux
2018-01-29 00:00:00
Jenkins CSRF Protection Delay Vulnerability - Windows
2018-01-29 00:00:00
nvd
nvd
CVE-2017-1000504
2018-01-24 23:29:00
github
github
Cross-Site Request Forgery in Jenkins
2022-05-14 01:04:36
cve
cve
CVE-2017-1000504
2018-01-24 23:29:00
cvelist
cvelist
CVE-2017-1000504
2018-01-24 23:00:00
nessus
nessus
Jenkins < 2.89.2 / 2.95 Multiple Vulnerabilities
2018-02-01 00:00:00