Lucene search
K

4 matches found

OSV
OSV
added 2018/01/26 2:29 a.m.20 views

CVE-2017-1000401

The Jenkins 2.73.1 and earlier, 2.83 and earlier default form control for passwords and other secrets, , supports form validation e.g. for API keys. The form validation AJAX requests were sent via GET, which could result in secrets being logged to a HTTP access log in non-default configurations o...

2.2CVSS4.2AI score
Exploits0References1
CVE
CVE
added 2018/01/26 2:0 a.m.101 views

CVE-2017-1000401

CVE-2017-1000401 affects Jenkins versions 2.73.1 and earlier, and 2.83 and earlier, where the default form control used GET for validation requests. This could cause secrets (e.g., API keys) to be logged in HTTP access logs in non-default configurations. The issue has been mitigated by changing ...

2.2CVSS4AI score0.00391EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2017/11/21 11:22 a.m.23 views

CVE-2017-1000401

The Jenkins 2.73.1 and earlier, 2.83 and earlier default form control for passwords and other secrets, , supports form validation e.g. for API keys. The form validation AJAX requests were sent via GET, which could result in secrets being logged to a HTTP access log in non-default configurations o...

2.2CVSS0.8AI score0.00391EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2017/11/07 12:0 a.m.28 views

Jenkins Multiple Vulnerabilities (Oct 2017) - Linux

Jenkins is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:jenkins:jenkins"; ifdescription...

9CVSS6AI score0.05844EPSS
Exploits0References1
Rows per page
Query Builder