Description

Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."

Remediation

References

CVE-2012-0785

Related Vulnerabilities

MongoDb Improper Input Validation Vulnerability (CVE-2014-3971)

MySQL CVE-2017-3637 Vulnerability (CVE-2017-3637)

PHP Use After Free Vulnerability (CVE-2016-6290)

WordPress Plugin WP Statistics Cross-Site Scripting (8.3)

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6625)

Severity

High

Classification

CVE-2012-0785 CWE-400 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities