Lucene search

Veracode Vulnerability DatabaseVERACODE:16654

HistoryMay 02, 2019 - 5:21 a.m.

Sensitive Information Disclosure

2019-05-0205:21:29

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

JSON

Jenkins Continuous Integration Server is vulnerable to sensitive information disclosure.It allows the attacker to perfomr a direct request to queue/api.

CPENameOperatorVersion
nodejs-kind-ofeq2.0.1__1.el7aos
nodejs-read-all-streameq1.0.2__1.el7
nodejs-mkdirpeq0.3.5__3.el7
nodejs-prepend-httpeq1.0.1__1.el7
nodejs-readdirpeq0.4.0__1.el7
nodejs-fromeq0.1.3__1.el7
nodejs-object-assigneq2.0.0__3.el7aos
nodejs-object-assigneq2.0.0__2.el7
nodejs-graceful-fseq2.0.0__2.el7
nodejs-duplexifyeq3.2.0__2.el7

Name	Operator	Version
nodejs-kind-of	eq	2.0.1__1.el7aos
nodejs-read-all-stream	eq	1.0.2__1.el7
nodejs-mkdirp	eq	0.3.5__3.el7
nodejs-prepend-http	eq	1.0.1__1.el7
nodejs-readdirp	eq	0.4.0__1.el7
nodejs-from	eq	0.1.3__1.el7
nodejs-object-assign	eq	2.0.0__3.el7aos
nodejs-object-assign	eq	2.0.0__2.el7
nodejs-graceful-fs	eq	2.0.0__2.el7
nodejs-duplexify	eq	3.2.0__2.el7

Rows per page:

1-10 of 3811

References

rhn.redhat.com/errata/RHSA-2016-0489.html

access.redhat.com/errata/RHSA-2016:0070

access.redhat.com/security/updates/classification/#important

bugzilla.redhat.com/show_bug.cgi?id=1243514

bugzilla.redhat.com/show_bug.cgi?id=1247523

bugzilla.redhat.com/show_bug.cgi?id=1254880

bugzilla.redhat.com/show_bug.cgi?id=1256869

bugzilla.redhat.com/show_bug.cgi?id=1268478

bugzilla.redhat.com/show_bug.cgi?id=1273739

bugzilla.redhat.com/show_bug.cgi?id=1277329

bugzilla.redhat.com/show_bug.cgi?id=1277383

bugzilla.redhat.com/show_bug.cgi?id=1277608

bugzilla.redhat.com/show_bug.cgi?id=1278232

bugzilla.redhat.com/show_bug.cgi?id=1278630

bugzilla.redhat.com/show_bug.cgi?id=1279404

bugzilla.redhat.com/show_bug.cgi?id=1279744

bugzilla.redhat.com/show_bug.cgi?id=1279925

bugzilla.redhat.com/show_bug.cgi?id=1280216

bugzilla.redhat.com/show_bug.cgi?id=1280497

bugzilla.redhat.com/show_bug.cgi?id=1282426

bugzilla.redhat.com/show_bug.cgi?id=1282738

bugzilla.redhat.com/show_bug.cgi?id=1283952

bugzilla.redhat.com/show_bug.cgi?id=1284506

bugzilla.redhat.com/show_bug.cgi?id=1287414

bugzilla.redhat.com/show_bug.cgi?id=1287943

bugzilla.redhat.com/show_bug.cgi?id=1288014

bugzilla.redhat.com/show_bug.cgi?id=1289603

bugzilla.redhat.com/show_bug.cgi?id=1289965

bugzilla.redhat.com/show_bug.cgi?id=1290643

bugzilla.redhat.com/show_bug.cgi?id=1290967

bugzilla.redhat.com/show_bug.cgi?id=1292621

bugzilla.redhat.com/show_bug.cgi?id=1293251

bugzilla.redhat.com/show_bug.cgi?id=1293252

bugzilla.redhat.com/show_bug.cgi?id=1293829

bugzilla.redhat.com/show_bug.cgi?id=1293877

bugzilla.redhat.com/show_bug.cgi?id=1294115

bugzilla.redhat.com/show_bug.cgi?id=1294798

bugzilla.redhat.com/show_bug.cgi?id=1296457

rhn.redhat.com/errata/RHSA-2016-0070.html

wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

JSON

Related for VERACODE:16654