VYPR
High severity7.5NVD Advisory· Published Aug 23, 2018· Updated Jun 17, 2026

CVE-2018-1999043

CVE-2018-1999043

Description

A denial of service vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in BasicAuthenticationFilter.java, BasicHeaderApiTokenAuthenticator.java that allows attackers to create ephemeral in-memory user records by attempting to log in using invalid credentials.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.jenkins-ci.main:jenkins-coreMaven
< 2.121.32.121.3
org.jenkins-ci.main:jenkins-coreMaven
>= 2.122, < 2.1382.138

Affected products

1

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.