Moderate severityNVD Advisory· Published Dec 10, 2018· Updated Aug 5, 2024
CVE-2018-1000864
CVE-2018-1000864
Description
A denial of service vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in CronTab.java that allows attackers with Overall/Read permission to have a request handling thread enter an infinite loop.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jenkins-ci.main:jenkins-coreMaven | < 2.138.4 | 2.138.4 |
org.jenkins-ci.main:jenkins-coreMaven | >= 2.140, < 2.154 | 2.154 |
Affected products
1Patches
Vulnerability mechanics
References
6- access.redhat.com/errata/RHBA-2019:0024ghsavendor-advisoryx_refsource_REDHATWEB
- github.com/advisories/GHSA-9cjv-93g7-c6mvghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-1000864ghsaADVISORY
- www.securityfocus.com/bid/106176ghsavdb-entryx_refsource_BIDWEB
- github.com/jenkinsci/jenkins/commit/73afa0ca786a87f05b5433e2e38f863826fcad17ghsaWEB
- jenkins.io/security/advisory/2018-12-05/ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.