CVE-2012-0785

Summary

Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkinsbefore 1.447affected
Jenkins projectJenkins LTSbefore 1.424.2affected
Jenkins projectJenkins Enterprise by CloudBees1.424.x before 1.424.2.1affected
Jenkins projectJenkins Enterprise by CloudBees1.400.x before 1.400.0.11affected

Weaknesses

  • and hash collision attack

ADP Enrichment

CVE Program Container

Additional References

References