Lucene search
GoogleOSV:CVE-2017-2606HistoryMay 08, 2018 - 8:29 p.m.
CVE-2017-2606
2018-05-0820:29:00
Google
osv.dev
9
Jenkins before versions 2.44, 2.32.2 is vulnerable to an information exposure in the internal API that allows access to item names that should not be visible (SECURITY-380). This only affects anonymous users (other users legitimately have access) that were able to get a list of items via an UnprotectedRootAction.
Related
github
github
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
2022-05-13 01:36:54
ubuntucve
ubuntucve
CVE-2017-2606
2018-05-08 00:00:00
prion
prion
Design/Logic Flaw
2018-05-08 20:29:00
osv
osv
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
2022-05-13 01:36:54
redhatcve
redhatcve
CVE-2017-2606
2017-02-02 15:20:55
cvelist
cvelist
CVE-2017-2606
2018-05-08 20:00:00
cve
cve
CVE-2017-2606
2018-05-08 20:29:00
nvd
nvd
CVE-2017-2606
2018-05-08 20:29:00
nessus
nessus
freebsd
freebsd
jenkins -- multiple vulnerabilities
2017-02-01 00:00:00
openvas
openvas
Jenkins Multiple Vulnerabilities (Feb 2017) - Linux
2017-03-13 00:00:00
Jenkins Multiple Vulnerabilities (Feb 2017) - Windows
2017-03-13 00:00:00