Description
The doIndex function in hudson/util/RemotingDiagnostics.java in CloudBees Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users with the ADMINISTER permission to obtain sensitive information via vectors related to heapDump.
Remediation
References
Related Vulnerabilities
Squid Data Processing Errors Vulnerability (CVE-2014-7141)
Ruby on Rails CVE-2015-3227 Vulnerability (CVE-2015-3227)
WordPress Plugin Realteo Multiple Vulnerabilities (1.2.3)
Oracle JRE CVE-2014-0452 Vulnerability (CVE-2014-0452)
Sqlite Improper Validation of Array Index Vulnerability (CVE-2022-35737)