CVE-2020-2102

Summary

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkinsunspecified <= 2.218affected
Jenkins projectJenkinsunspecified <= LTS 2.204.1affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References