WEB APPLICATION VULNERABILITIES Standard & Premium

Jenkins Uncontrolled Resource Consumption Vulnerability (CVE-2012-0785)

Description

Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."

Remediation

References

Related Vulnerabilities

phpList Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-6178)

Oracle Database Server CVE-2008-1813 Vulnerability (CVE-2008-1813)

osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1176)

WordPress Plugin OAuth client Single Sign On for WordPress (OAuth 2.0 SSO) Security Bypass (3.0.3)

Grafana Improper Authentication Vulnerability (CVE-2021-39226)

Severity

High

Classification

CVE-2012-0785 CWE-400 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities