CloudBees Jenkins Build Failure Analyzer Plugin Cross-Site Request Forgery Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . A cross-site request forgery vulnerability exists in CloudBees Jenkins Build Failure Analyzer Plugin 1.24.1 and prior versions. The vulnerability stems from a WEB...

CVE-2019-16555

A user-supplied regular expression in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier was processed in a way that wasn't interruptible, allowing attackers to have Jenkins evaluate a regular expression without the ability to interrupt this process...