4 matches found
CVE-2017-1000401
The Jenkins 2.73.1 and earlier, 2.83 and earlier default form control for passwords and other secrets, , supports form validation e.g. for API keys. The form validation AJAX requests were sent via GET, which could result in secrets being logged to a HTTP access log in non-default configurations o...
CVE-2017-1000401
CVE-2017-1000401 affects Jenkins versions 2.73.1 and earlier, and 2.83 and earlier, where the default form control used GET for validation requests. This could cause secrets (e.g., API keys) to be logged in HTTP access logs in non-default configurations. The issue has been mitigated by changing ...
CVE-2017-1000401
The Jenkins 2.73.1 and earlier, 2.83 and earlier default form control for passwords and other secrets, , supports form validation e.g. for API keys. The form validation AJAX requests were sent via GET, which could result in secrets being logged to a HTTP access log in non-default configurations o...
Jenkins Multiple Vulnerabilities (Oct 2017) - Linux
Jenkins is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:jenkins:jenkins"; ifdescription...