Description
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.
Remediation
References
Related Vulnerabilities
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-15698)
WordPress Plugin VideoWhisper Video Presentation 'c_status.php' SQL Injection (1.1)
Oracle Application Server CVE-2006-5363 Vulnerability (CVE-2006-5363)
WordPress Plugin WP Insightly for Contact Form 7 and Ninja Forms Cross-Site Scripting (1.0.7)