CVE-2012-4438

Severity CVSS v4.0:
Pending analysis
Type:
CWE-20 Input Validation
Publication date:
18/11/2019
Last modified:
21/11/2024

Description

Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data and execute arbitrary code.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:* 1.466.2 (excluding)
cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:* 1.482 (excluding)