EPSS
Percentile
57.7%
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret.
bugzilla.redhat.com/show_bug.cgi?id=1797084
nvd.nist.gov/vuln/detail/CVE-2020-2101
www.cve.org/CVERecord?id=CVE-2020-2101