6 matches found
Jenkins < 2.219, < 2.204.2 LTS Multiple Vulnerabilities - Linux
Jenkins is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Jenkins < 2.219, < 2.204.2 LTS Multiple Vulnerabilities - Windows
Jenkins is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2020-2102
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC...
CVE-2020-2102
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC...
CVE-2020-2102
CVE-2020-2102 affects Jenkins 2.218 and earlier, and LTS 2.204.1 and earlier, where the HMAC validation used a non-constant-time comparison. This can enable a timing-side-channel attack to infer a correct HMAC value for attacker-controlled input. The issue is addressed in Jenkins 2.219 and LTS 2....
CVE-2020-2102
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC...