4 matches found
GHSA-R5M2-G5GC-Q43R Jenkins Denial of Service vulnerability
Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to cause a denial of service (thread consumption) via vectors related to a CLI handshake...
jenkins: remote code execution flaw (SECURITY-150)
Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to execute arbitrary code via a crafted packet to the CLI channel...
PT-2014-5440 · Cloudbees +1 · Jenkins
Name of the Vulnerable Software and Affected Versions: Jenkins versions prior to 1.583; Jenkins LTS versions prior to 1.565.3. Description: The issue allows remote attackers to enumerate user names via vectors related to login attempts. Recommendations: For Jenkins versions prior to 1.583, update t...
jenkins: plug-in code can be downloaded by anyone with read access (SECURITY-155)
Jenkins before 1.583 and LTS before 1.565.3 does not properly prevent downloading of plugins, which allows remote authenticated users with the Overall/READ permission to obtain sensitive information by reading the plugin code...