CVE-2019-16554

Summary

A missing permission check in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers with Overall/Read permission to have Jenkins evaluate a computationally expensive regular expression.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Build Failure Analyzer Pluginunspecified <= 1.24.1affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References