← back
CVE-2012-0785

CVE-2012-0785

EPSS 3.4%
Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."
Affected products
Jenkins project · JenkinsJenkins project · Jenkins Enterprise by CloudBeesJenkins project · Jenkins LTS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://access.redhat.com/security/cve/cve-2012-0785https://jenkins.io/security/advisory/2012-01-12/https://security-tracker.debian.org/tracker/CVE-2012-0785https://www.cloudbees.com/jenkins-security-advisory-2012-01-12http://www.openwall.com/lists/oss-security/2012/01/20/8