VYPR
Moderate severityNVD Advisory· Published Oct 16, 2014· Updated Jun 17, 2026

CVE-2014-3680

CVE-2014-3680

Description

Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Job/READ permission to obtain the default value for the password field of a parameterized job by reading the DOM.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.jenkins-ci.main:jenkins-coreMaven
>= 1.566, < 1.5831.583
org.jenkins-ci.main:jenkins-coreMaven
< 1.565.31.565.3

Affected products

4

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.