25 matches found
Denial Of Service (DoS)
org.jenkins-ci.main, jenkins-core is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling and closure of corrupted HTTP-based CLI connection streams, which allows an unauthenticated attacker to trigger a denial of service by sending malformed or corrupted connection...
FreeBSD : jenkins -- multiple vulnerabilities (2956aba3-1fcb-4c39-9cea-d88a46a3bf93)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 2956aba3-1fcb-4c39-9cea-d88a46a3bf93 advisory. Jenkins Security Advisory: Denial of service vulnerability in HTTP-based CLI Missing permissio...
CVE-2025-67635
Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not properly close HTTP-based CLI connections when the connection stream becomes corrupted, allowing unauthenticated attackers to cause a denial of service...
PT-2025-50353
Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.540 and earlier; Jenkins LTS versions 2.528.2 and earlier. Description: Jenkins does not properly close HTTP-based CLI connections when the connection stream becomes corrupted. This can allow unauthenticated attackers to cause ...
EUVD-2018-0253
Malware in sbrugna...
Jenkins CLI - Java Deserialization
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java SignedObject object to the Jenkins CLI, that would be deserialized...
Deserialization of Untrusted Data in Jenkins
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java SignedObject object to the Jenkins CLI, that would be deserialized...
GHSA-26WC-3WQP-G3RP Deserialization of Untrusted Data in Jenkins
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java SignedObject object to the Jenkins CLI, that would be deserialized...
[SECURITY] Fedora 35 Update: httpie-3.1.0-1.fc35
HTTPie is a CLI HTTP utility built out of frustration with existing tools. The goal is to make CLI interaction with HTTP-based services as human-friendly as possible. HTTPie does so by providing an http command that allows for issuing arbitrary HTTP requests using a simple and natural syntax and...
chatc-cli (>=0.1.7 <=0.1.9), fast-http-cli (>=0.0.1 <=0.0.8) potentially affected by CVE-2020-7687 via fast-http (>=0.1.2 <=0.1.3)
fast-http NPM version =0.1.2, =0.1.7, =0.0.1, =0.0.8 Source cves: CVE-2020-7687 Source advisory: OSV:GHSA-7PHR-5M9X-RW9Q...
chatc-cli (>=0.1.7 <=0.1.9), fast-http-cli (>=0.0.1 <=0.0.8) potentially affected by CVE-2020-7687 via fast-http (>=0.1.2 <=0.1.3)
fast-http NPM version =0.1.2, =0.1.7, =0.0.1, =0.0.8 Source cves: CVE-2020-7687 Source advisory: SNYK:JS-FASTHTTP-572892...
Directory Traversal in fast-http-cli
fast-http-cli is the command line interface for fast-http, a simple web server. fast-http-cli is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Example request: http GET /../../../../../../../../../../etc/passwd HTTP/1.1 host:...
GHSA-9FRQ-F867-HGQC Directory Traversal in fast-http-cli
fast-http-cli is the command line interface for fast-http, a simple web server. fast-http-cli is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Example request: http GET /../../../../../../../../../../etc/passwd HTTP/1.1 host:...
Directory Traversal
fast-http-cli is vulnerable to directory traversal attacks. These attacks are possible by requesting a url such as /..%2f..%2fetc/passwd to get sensitive information...
Fast-http-cli Directory Traversal Vulnerability
fast-http-cli is a command-line based HTTP server. A directory traversal vulnerability exists in fast-http-cli. An attacker can exploit this vulnerability by placing a '../' sequence in a URL to gain access to the file system...
CVE-2017-16155
fast-http-cli is the command line interface for fast-http, a simple web server. fast-http-cli is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...
CVE-2017-16155
fast-http-cli is the command line interface for fast-http, a simple web server. fast-http-cli is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...
Directory traversal
fast-http-cli is the command line interface for fast-http, a simple web server. fast-http-cli is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...
CVE-2017-16155
fast-http-cli is the command line interface for fast-http, a simple web server. fast-http-cli is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...
CVE-2017-16155
CVE-2017-16155 affects fast-http-cli, the command-line interface for the lightweight HTTP server fast-http. The issue is a directory traversal vulnerability triggered by placing "../" sequences in the URL, which can grant an attacker access to the server’s filesystem. Public advisories illustra...