ID CVE-2017-2610
Summary jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting in search suggestions due to improperly escaping users with less-than and greater-than characters in their names (SECURITY-388).
References
Vulnerable Configurations
  • Jenkins 1.0.10
    cpe:2.3:a:jenkins:jenkins:1.0.10
  • Jenkins 1.0.11
    cpe:2.3:a:jenkins:jenkins:1.0.11
  • Jenkins 1.0.12
    cpe:2.3:a:jenkins:jenkins:1.0.12
  • Jenkins 1.0.13
    cpe:2.3:a:jenkins:jenkins:1.0.13
  • Jenkins 1.0.14
    cpe:2.3:a:jenkins:jenkins:1.0.14
  • Jenkins 1.0.15
    cpe:2.3:a:jenkins:jenkins:1.0.15
  • Jenkins 1.0.16
    cpe:2.3:a:jenkins:jenkins:1.0.16
  • Jenkins 1.17
    cpe:2.3:a:jenkins:jenkins:1.17
  • Jenkins 1.18
    cpe:2.3:a:jenkins:jenkins:1.18
  • Jenkins 1.19
    cpe:2.3:a:jenkins:jenkins:1.19
  • Jenkins 1.20
    cpe:2.3:a:jenkins:jenkins:1.20
  • Jenkins 1.21
    cpe:2.3:a:jenkins:jenkins:1.21
  • Jenkins 1.22
    cpe:2.3:a:jenkins:jenkins:1.22
  • Jenkins 1.23
    cpe:2.3:a:jenkins:jenkins:1.23
  • Jenkins 1.24
    cpe:2.3:a:jenkins:jenkins:1.24
  • Jenkins 1.25
    cpe:2.3:a:jenkins:jenkins:1.25
  • Jenkins 1.26
    cpe:2.3:a:jenkins:jenkins:1.26
  • Jenkins 1.27
    cpe:2.3:a:jenkins:jenkins:1.27
  • Jenkins 1.28
    cpe:2.3:a:jenkins:jenkins:1.28
  • Jenkins 1.29
    cpe:2.3:a:jenkins:jenkins:1.29
  • Jenkins 1.30
    cpe:2.3:a:jenkins:jenkins:1.30
  • Jenkins 1.31
    cpe:2.3:a:jenkins:jenkins:1.31
  • Jenkins 1.32
    cpe:2.3:a:jenkins:jenkins:1.32
  • Jenkins 1.33
    cpe:2.3:a:jenkins:jenkins:1.33
  • Jenkins 1.34
    cpe:2.3:a:jenkins:jenkins:1.34
  • Jenkins 1.35
    cpe:2.3:a:jenkins:jenkins:1.35
  • Jenkins 1.36
    cpe:2.3:a:jenkins:jenkins:1.36
  • Jenkins 1.37
    cpe:2.3:a:jenkins:jenkins:1.37
  • Jenkins 1.38
    cpe:2.3:a:jenkins:jenkins:1.38
  • Jenkins 1.39
    cpe:2.3:a:jenkins:jenkins:1.39
  • Jenkins 1.40
    cpe:2.3:a:jenkins:jenkins:1.40
  • Jenkins 1.41
    cpe:2.3:a:jenkins:jenkins:1.41
  • Jenkins 1.42
    cpe:2.3:a:jenkins:jenkins:1.42
  • Jenkins 1.43
    cpe:2.3:a:jenkins:jenkins:1.43
  • Jenkins 1.44
    cpe:2.3:a:jenkins:jenkins:1.44
  • Jenkins 1.45
    cpe:2.3:a:jenkins:jenkins:1.45
  • Jenkins 1.46
    cpe:2.3:a:jenkins:jenkins:1.46
  • Jenkins 1.47
    cpe:2.3:a:jenkins:jenkins:1.47
  • Jenkins 1.48
    cpe:2.3:a:jenkins:jenkins:1.48
  • Jenkins 1.49
    cpe:2.3:a:jenkins:jenkins:1.49
  • Jenkins 1.50
    cpe:2.3:a:jenkins:jenkins:1.50
  • Jenkins 1.51
    cpe:2.3:a:jenkins:jenkins:1.51
  • Jenkins 1.52
    cpe:2.3:a:jenkins:jenkins:1.52
  • Jenkins 1.53
    cpe:2.3:a:jenkins:jenkins:1.53
  • Jenkins 1.54
    cpe:2.3:a:jenkins:jenkins:1.54
  • Jenkins 1.55
    cpe:2.3:a:jenkins:jenkins:1.55
  • Jenkins 1.56
    cpe:2.3:a:jenkins:jenkins:1.56
  • Jenkins 1.57
    cpe:2.3:a:jenkins:jenkins:1.57
  • Jenkins 1.58
    cpe:2.3:a:jenkins:jenkins:1.58
  • Jenkins 1.59
    cpe:2.3:a:jenkins:jenkins:1.59
  • Jenkins 1.60
    cpe:2.3:a:jenkins:jenkins:1.60
  • Jenkins 1.61
    cpe:2.3:a:jenkins:jenkins:1.61
  • Jenkins 1.62
    cpe:2.3:a:jenkins:jenkins:1.62
  • Jenkins 1.63
    cpe:2.3:a:jenkins:jenkins:1.63
  • Jenkins 1.64
    cpe:2.3:a:jenkins:jenkins:1.64
  • Jenkins 1.65
    cpe:2.3:a:jenkins:jenkins:1.65
  • Jenkins 1.66
    cpe:2.3:a:jenkins:jenkins:1.66
  • Jenkins 1.67
    cpe:2.3:a:jenkins:jenkins:1.67
  • Jenkins 1.68
    cpe:2.3:a:jenkins:jenkins:1.68
  • Jenkins 1.69
    cpe:2.3:a:jenkins:jenkins:1.69
  • Jenkins 1.70
    cpe:2.3:a:jenkins:jenkins:1.70
  • Jenkins 1.71
    cpe:2.3:a:jenkins:jenkins:1.71
  • Jenkins 1.72
    cpe:2.3:a:jenkins:jenkins:1.72
  • Jenkins 1.73
    cpe:2.3:a:jenkins:jenkins:1.73
  • Jenkins 1.74
    cpe:2.3:a:jenkins:jenkins:1.74
  • Jenkins 1.75
    cpe:2.3:a:jenkins:jenkins:1.75
  • Jenkins 1.76
    cpe:2.3:a:jenkins:jenkins:1.76
  • Jenkins 1.77
    cpe:2.3:a:jenkins:jenkins:1.77
  • Jenkins 1.78
    cpe:2.3:a:jenkins:jenkins:1.78
  • Jenkins 1.79
    cpe:2.3:a:jenkins:jenkins:1.79
  • Jenkins 1.80
    cpe:2.3:a:jenkins:jenkins:1.80
  • Jenkins 1.81
    cpe:2.3:a:jenkins:jenkins:1.81
  • Jenkins 1.82
    cpe:2.3:a:jenkins:jenkins:1.82
  • Jenkins 1.83
    cpe:2.3:a:jenkins:jenkins:1.83
  • Jenkins 1.84
    cpe:2.3:a:jenkins:jenkins:1.84
  • Jenkins 1.85
    cpe:2.3:a:jenkins:jenkins:1.85
  • Jenkins 1.86
    cpe:2.3:a:jenkins:jenkins:1.86
  • Jenkins 1.87
    cpe:2.3:a:jenkins:jenkins:1.87
  • Jenkins 1.88
    cpe:2.3:a:jenkins:jenkins:1.88
  • Jenkins 1.89
    cpe:2.3:a:jenkins:jenkins:1.89
  • Jenkins 1.90
    cpe:2.3:a:jenkins:jenkins:1.90
  • Jenkins 1.91
    cpe:2.3:a:jenkins:jenkins:1.91
  • Jenkins 1.92
    cpe:2.3:a:jenkins:jenkins:1.92
  • Jenkins 1.93
    cpe:2.3:a:jenkins:jenkins:1.93
  • Jenkins 1.94
    cpe:2.3:a:jenkins:jenkins:1.94
  • Jenkins 1.95
    cpe:2.3:a:jenkins:jenkins:1.95
  • Jenkins 1.96
    cpe:2.3:a:jenkins:jenkins:1.96
  • Jenkins 1.97
    cpe:2.3:a:jenkins:jenkins:1.97
  • Jenkins 1.98
    cpe:2.3:a:jenkins:jenkins:1.98
  • Jenkins 1.99
    cpe:2.3:a:jenkins:jenkins:1.99
  • Jenkins 1.100
    cpe:2.3:a:jenkins:jenkins:1.100
  • Jenkins 1.101
    cpe:2.3:a:jenkins:jenkins:1.101
  • Jenkins 1.102
    cpe:2.3:a:jenkins:jenkins:1.102
  • Jenkins 1.103
    cpe:2.3:a:jenkins:jenkins:1.103
  • Jenkins 1.104
    cpe:2.3:a:jenkins:jenkins:1.104
  • Jenkins 1.105
    cpe:2.3:a:jenkins:jenkins:1.105
  • Jenkins 1.106
    cpe:2.3:a:jenkins:jenkins:1.106
  • Jenkins 1.107
    cpe:2.3:a:jenkins:jenkins:1.107
  • Jenkins 1.108
    cpe:2.3:a:jenkins:jenkins:1.108
  • Jenkins 1.109
    cpe:2.3:a:jenkins:jenkins:1.109
  • Jenkins 1.110
    cpe:2.3:a:jenkins:jenkins:1.110
  • Jenkins 1.111
    cpe:2.3:a:jenkins:jenkins:1.111
  • Jenkins 1.112
    cpe:2.3:a:jenkins:jenkins:1.112
  • Jenkins 1.113
    cpe:2.3:a:jenkins:jenkins:1.113
  • Jenkins 1.114
    cpe:2.3:a:jenkins:jenkins:1.114
  • Jenkins 1.115
    cpe:2.3:a:jenkins:jenkins:1.115
  • Jenkins 1.116
    cpe:2.3:a:jenkins:jenkins:1.116
  • Jenkins 1.117
    cpe:2.3:a:jenkins:jenkins:1.117
  • Jenkins 1.118
    cpe:2.3:a:jenkins:jenkins:1.118
  • Jenkins 1.119
    cpe:2.3:a:jenkins:jenkins:1.119
  • Jenkins 1.120
    cpe:2.3:a:jenkins:jenkins:1.120
  • Jenkins 1.121
    cpe:2.3:a:jenkins:jenkins:1.121
  • Jenkins 1.122
    cpe:2.3:a:jenkins:jenkins:1.122
  • Jenkins 1.123
    cpe:2.3:a:jenkins:jenkins:1.123
  • Jenkins 1.124
    cpe:2.3:a:jenkins:jenkins:1.124
  • Jenkins 1.125
    cpe:2.3:a:jenkins:jenkins:1.125
  • Jenkins 1.126
    cpe:2.3:a:jenkins:jenkins:1.126
  • Jenkins 1.127
    cpe:2.3:a:jenkins:jenkins:1.127
  • Jenkins 1.128
    cpe:2.3:a:jenkins:jenkins:1.128
  • Jenkins 1.129
    cpe:2.3:a:jenkins:jenkins:1.129
  • Jenkins 1.130
    cpe:2.3:a:jenkins:jenkins:1.130
  • Jenkins 1.131
    cpe:2.3:a:jenkins:jenkins:1.131
  • Jenkins 1.132
    cpe:2.3:a:jenkins:jenkins:1.132
  • Jenkins 1.133
    cpe:2.3:a:jenkins:jenkins:1.133
  • Jenkins 1.134
    cpe:2.3:a:jenkins:jenkins:1.134
  • Jenkins 1.135
    cpe:2.3:a:jenkins:jenkins:1.135
  • Jenkins 1.136
    cpe:2.3:a:jenkins:jenkins:1.136
  • Jenkins 1.137
    cpe:2.3:a:jenkins:jenkins:1.137
  • Jenkins 1.138
    cpe:2.3:a:jenkins:jenkins:1.138
  • Jenkins 1.139
    cpe:2.3:a:jenkins:jenkins:1.139
  • Jenkins 1.140
    cpe:2.3:a:jenkins:jenkins:1.140
  • Jenkins 1.141
    cpe:2.3:a:jenkins:jenkins:1.141
  • Jenkins 1.142
    cpe:2.3:a:jenkins:jenkins:1.142
  • Jenkins 1.143
    cpe:2.3:a:jenkins:jenkins:1.143
  • Jenkins 1.144
    cpe:2.3:a:jenkins:jenkins:1.144
  • Jenkins 1.145
    cpe:2.3:a:jenkins:jenkins:1.145
  • Jenkins 1.146
    cpe:2.3:a:jenkins:jenkins:1.146
  • Jenkins 1.147
    cpe:2.3:a:jenkins:jenkins:1.147
  • Jenkins 1.148
    cpe:2.3:a:jenkins:jenkins:1.148
  • Jenkins 1.149
    cpe:2.3:a:jenkins:jenkins:1.149
  • Jenkins 1.150
    cpe:2.3:a:jenkins:jenkins:1.150
  • Jenkins 1.151
    cpe:2.3:a:jenkins:jenkins:1.151
  • Jenkins 1.152
    cpe:2.3:a:jenkins:jenkins:1.152
  • Jenkins 1.153
    cpe:2.3:a:jenkins:jenkins:1.153
  • Jenkins 1.154
    cpe:2.3:a:jenkins:jenkins:1.154
  • Jenkins 1.155
    cpe:2.3:a:jenkins:jenkins:1.155
  • Jenkins 1.156
    cpe:2.3:a:jenkins:jenkins:1.156
  • Jenkins 1.157
    cpe:2.3:a:jenkins:jenkins:1.157
  • Jenkins 1.158
    cpe:2.3:a:jenkins:jenkins:1.158
  • Jenkins 1.159
    cpe:2.3:a:jenkins:jenkins:1.159
  • Jenkins 1.160
    cpe:2.3:a:jenkins:jenkins:1.160
  • Jenkins 1.161
    cpe:2.3:a:jenkins:jenkins:1.161
  • Jenkins 1.162
    cpe:2.3:a:jenkins:jenkins:1.162
  • Jenkins 1.163
    cpe:2.3:a:jenkins:jenkins:1.163
  • Jenkins 1.164
    cpe:2.3:a:jenkins:jenkins:1.164
  • Jenkins 1.165
    cpe:2.3:a:jenkins:jenkins:1.165
  • Jenkins 1.166
    cpe:2.3:a:jenkins:jenkins:1.166
  • Jenkins 1.167
    cpe:2.3:a:jenkins:jenkins:1.167
  • Jenkins 1.168
    cpe:2.3:a:jenkins:jenkins:1.168
  • Jenkins 1.169
    cpe:2.3:a:jenkins:jenkins:1.169
  • Jenkins 1.170
    cpe:2.3:a:jenkins:jenkins:1.170
  • Jenkins 1.171
    cpe:2.3:a:jenkins:jenkins:1.171
  • Jenkins 1.172
    cpe:2.3:a:jenkins:jenkins:1.172
  • Jenkins 1.173
    cpe:2.3:a:jenkins:jenkins:1.173
  • Jenkins 1.174
    cpe:2.3:a:jenkins:jenkins:1.174
  • Jenkins 1.175
    cpe:2.3:a:jenkins:jenkins:1.175
  • Jenkins 1.176
    cpe:2.3:a:jenkins:jenkins:1.176
  • Jenkins 1.177
    cpe:2.3:a:jenkins:jenkins:1.177
  • Jenkins 1.178
    cpe:2.3:a:jenkins:jenkins:1.178
  • Jenkins 1.179
    cpe:2.3:a:jenkins:jenkins:1.179
  • Jenkins 1.180
    cpe:2.3:a:jenkins:jenkins:1.180
  • Jenkins 1.181
    cpe:2.3:a:jenkins:jenkins:1.181
  • Jenkins 1.182
    cpe:2.3:a:jenkins:jenkins:1.182
  • Jenkins 1.183
    cpe:2.3:a:jenkins:jenkins:1.183
  • Jenkins 1.184
    cpe:2.3:a:jenkins:jenkins:1.184
  • Jenkins 1.185
    cpe:2.3:a:jenkins:jenkins:1.185
  • Jenkins 1.186
    cpe:2.3:a:jenkins:jenkins:1.186
  • Jenkins 1.187
    cpe:2.3:a:jenkins:jenkins:1.187
  • Jenkins 1.188
    cpe:2.3:a:jenkins:jenkins:1.188
  • Jenkins 1.189
    cpe:2.3:a:jenkins:jenkins:1.189
  • Jenkins 1.190
    cpe:2.3:a:jenkins:jenkins:1.190
  • Jenkins 1.191
    cpe:2.3:a:jenkins:jenkins:1.191
  • Jenkins 1.192
    cpe:2.3:a:jenkins:jenkins:1.192
  • Jenkins 1.193
    cpe:2.3:a:jenkins:jenkins:1.193
  • Jenkins 1.194
    cpe:2.3:a:jenkins:jenkins:1.194
  • Jenkins 1.195
    cpe:2.3:a:jenkins:jenkins:1.195
  • Jenkins 1.196
    cpe:2.3:a:jenkins:jenkins:1.196
  • Jenkins 1.197
    cpe:2.3:a:jenkins:jenkins:1.197
  • Jenkins 1.198
    cpe:2.3:a:jenkins:jenkins:1.198
  • Jenkins 1.199
    cpe:2.3:a:jenkins:jenkins:1.199
  • Jenkins 1.200
    cpe:2.3:a:jenkins:jenkins:1.200
  • Jenkins 1.201
    cpe:2.3:a:jenkins:jenkins:1.201
  • Jenkins 1.202
    cpe:2.3:a:jenkins:jenkins:1.202
  • Jenkins 1.203
    cpe:2.3:a:jenkins:jenkins:1.203
  • Jenkins 1.204
    cpe:2.3:a:jenkins:jenkins:1.204
  • Jenkins 1.205
    cpe:2.3:a:jenkins:jenkins:1.205
  • Jenkins 1.206
    cpe:2.3:a:jenkins:jenkins:1.206
  • Jenkins 1.207
    cpe:2.3:a:jenkins:jenkins:1.207
  • Jenkins 1.208
    cpe:2.3:a:jenkins:jenkins:1.208
  • Jenkins 1.209
    cpe:2.3:a:jenkins:jenkins:1.209
  • Jenkins 1.210
    cpe:2.3:a:jenkins:jenkins:1.210
  • Jenkins 1.211
    cpe:2.3:a:jenkins:jenkins:1.211
  • Jenkins 1.212
    cpe:2.3:a:jenkins:jenkins:1.212
  • Jenkins 1.213
    cpe:2.3:a:jenkins:jenkins:1.213
  • Jenkins 1.214
    cpe:2.3:a:jenkins:jenkins:1.214
  • Jenkins 1.215
    cpe:2.3:a:jenkins:jenkins:1.215
  • Jenkins 1.216
    cpe:2.3:a:jenkins:jenkins:1.216
  • Jenkins 1.217
    cpe:2.3:a:jenkins:jenkins:1.217
  • Jenkins 1.218
    cpe:2.3:a:jenkins:jenkins:1.218
  • Jenkins 1.219
    cpe:2.3:a:jenkins:jenkins:1.219
  • Jenkins 1.220
    cpe:2.3:a:jenkins:jenkins:1.220
  • Jenkins 1.221
    cpe:2.3:a:jenkins:jenkins:1.221
  • Jenkins 1.222
    cpe:2.3:a:jenkins:jenkins:1.222
  • Jenkins 1.223
    cpe:2.3:a:jenkins:jenkins:1.223
  • Jenkins 1.224
    cpe:2.3:a:jenkins:jenkins:1.224
  • Jenkins 1.225
    cpe:2.3:a:jenkins:jenkins:1.225
  • Jenkins 1.226
    cpe:2.3:a:jenkins:jenkins:1.226
  • Jenkins 1.227
    cpe:2.3:a:jenkins:jenkins:1.227
  • Jenkins 1.228
    cpe:2.3:a:jenkins:jenkins:1.228
  • Jenkins 1.229
    cpe:2.3:a:jenkins:jenkins:1.229
  • Jenkins 1.230
    cpe:2.3:a:jenkins:jenkins:1.230
  • Jenkins 1.231
    cpe:2.3:a:jenkins:jenkins:1.231
  • Jenkins 1.232
    cpe:2.3:a:jenkins:jenkins:1.232
  • Jenkins 1.233
    cpe:2.3:a:jenkins:jenkins:1.233
  • Jenkins 1.234
    cpe:2.3:a:jenkins:jenkins:1.234
  • Jenkins 1.235
    cpe:2.3:a:jenkins:jenkins:1.235
  • Jenkins 1.236
    cpe:2.3:a:jenkins:jenkins:1.236
  • Jenkins 1.237
    cpe:2.3:a:jenkins:jenkins:1.237
  • Jenkins 1.238
    cpe:2.3:a:jenkins:jenkins:1.238
  • Jenkins 1.239
    cpe:2.3:a:jenkins:jenkins:1.239
  • Jenkins 1.240
    cpe:2.3:a:jenkins:jenkins:1.240
  • Jenkins 1.241
    cpe:2.3:a:jenkins:jenkins:1.241
  • Jenkins 1.242
    cpe:2.3:a:jenkins:jenkins:1.242
  • Jenkins 1.243
    cpe:2.3:a:jenkins:jenkins:1.243
  • Jenkins 1.244
    cpe:2.3:a:jenkins:jenkins:1.244
  • Jenkins 1.245
    cpe:2.3:a:jenkins:jenkins:1.245
  • Jenkins 1.247
    cpe:2.3:a:jenkins:jenkins:1.247
  • Jenkins 1.248
    cpe:2.3:a:jenkins:jenkins:1.248
  • Jenkins 1.249
    cpe:2.3:a:jenkins:jenkins:1.249
  • Jenkins 1.250
    cpe:2.3:a:jenkins:jenkins:1.250
  • Jenkins 1.251
    cpe:2.3:a:jenkins:jenkins:1.251
  • Jenkins 1.252
    cpe:2.3:a:jenkins:jenkins:1.252
  • Jenkins 1.253
    cpe:2.3:a:jenkins:jenkins:1.253
  • Jenkins 1.254
    cpe:2.3:a:jenkins:jenkins:1.254
  • Jenkins 1.255
    cpe:2.3:a:jenkins:jenkins:1.255
  • Jenkins 1.256
    cpe:2.3:a:jenkins:jenkins:1.256
  • Jenkins 1.257
    cpe:2.3:a:jenkins:jenkins:1.257
  • Jenkins 1.258
    cpe:2.3:a:jenkins:jenkins:1.258
  • Jenkins 1.259
    cpe:2.3:a:jenkins:jenkins:1.259
  • Jenkins 1.260
    cpe:2.3:a:jenkins:jenkins:1.260
  • Jenkins 1.261
    cpe:2.3:a:jenkins:jenkins:1.261
  • Jenkins 1.262
    cpe:2.3:a:jenkins:jenkins:1.262
  • Jenkins 1.263
    cpe:2.3:a:jenkins:jenkins:1.263
  • Jenkins 1.264
    cpe:2.3:a:jenkins:jenkins:1.264
  • Jenkins 1.265
    cpe:2.3:a:jenkins:jenkins:1.265
  • Jenkins 1.266
    cpe:2.3:a:jenkins:jenkins:1.266
  • Jenkins 1.267
    cpe:2.3:a:jenkins:jenkins:1.267
  • Jenkins 1.268
    cpe:2.3:a:jenkins:jenkins:1.268
  • Jenkins 1.269
    cpe:2.3:a:jenkins:jenkins:1.269
  • Jenkins 1.270
    cpe:2.3:a:jenkins:jenkins:1.270
  • Jenkins 1.271
    cpe:2.3:a:jenkins:jenkins:1.271
  • Jenkins 1.272
    cpe:2.3:a:jenkins:jenkins:1.272
  • Jenkins 1.273
    cpe:2.3:a:jenkins:jenkins:1.273
  • Jenkins 1.274
    cpe:2.3:a:jenkins:jenkins:1.274
  • Jenkins 1.275
    cpe:2.3:a:jenkins:jenkins:1.275
  • Jenkins 1.276
    cpe:2.3:a:jenkins:jenkins:1.276
  • Jenkins 1.277
    cpe:2.3:a:jenkins:jenkins:1.277
  • Jenkins 1.278
    cpe:2.3:a:jenkins:jenkins:1.278
  • Jenkins 1.279
    cpe:2.3:a:jenkins:jenkins:1.279
  • Jenkins 1.280
    cpe:2.3:a:jenkins:jenkins:1.280
  • Jenkins 1.281
    cpe:2.3:a:jenkins:jenkins:1.281
  • Jenkins 1.282
    cpe:2.3:a:jenkins:jenkins:1.282
  • Jenkins 1.283
    cpe:2.3:a:jenkins:jenkins:1.283
  • Jenkins 1.284
    cpe:2.3:a:jenkins:jenkins:1.284
  • Jenkins 1.285
    cpe:2.3:a:jenkins:jenkins:1.285
  • Jenkins 1.286
    cpe:2.3:a:jenkins:jenkins:1.286
  • Jenkins 1.287
    cpe:2.3:a:jenkins:jenkins:1.287
  • Jenkins 1.288
    cpe:2.3:a:jenkins:jenkins:1.288
  • Jenkins 1.289
    cpe:2.3:a:jenkins:jenkins:1.289
  • Jenkins 1.290
    cpe:2.3:a:jenkins:jenkins:1.290
  • Jenkins 1.291
    cpe:2.3:a:jenkins:jenkins:1.291
  • Jenkins 1.292
    cpe:2.3:a:jenkins:jenkins:1.292
  • Jenkins 1.293
    cpe:2.3:a:jenkins:jenkins:1.293
  • Jenkins 1.294
    cpe:2.3:a:jenkins:jenkins:1.294
  • Jenkins 1.295
    cpe:2.3:a:jenkins:jenkins:1.295
  • Jenkins 1.296
    cpe:2.3:a:jenkins:jenkins:1.296
  • Jenkins 1.297
    cpe:2.3:a:jenkins:jenkins:1.297
  • Jenkins 1.298
    cpe:2.3:a:jenkins:jenkins:1.298
  • Jenkins 1.299
    cpe:2.3:a:jenkins:jenkins:1.299
  • Jenkins 1.300
    cpe:2.3:a:jenkins:jenkins:1.300
  • Jenkins 1.301
    cpe:2.3:a:jenkins:jenkins:1.301
  • Jenkins 1.302
    cpe:2.3:a:jenkins:jenkins:1.302
  • Jenkins 1.303
    cpe:2.3:a:jenkins:jenkins:1.303
  • Jenkins 1.304
    cpe:2.3:a:jenkins:jenkins:1.304
  • Jenkins 1.305
    cpe:2.3:a:jenkins:jenkins:1.305
  • Jenkins 1.306
    cpe:2.3:a:jenkins:jenkins:1.306
  • Jenkins 1.307
    cpe:2.3:a:jenkins:jenkins:1.307
  • Jenkins 1.308
    cpe:2.3:a:jenkins:jenkins:1.308
  • Jenkins 1.309
    cpe:2.3:a:jenkins:jenkins:1.309
  • Jenkins 1.310
    cpe:2.3:a:jenkins:jenkins:1.310
  • Jenkins 1.311
    cpe:2.3:a:jenkins:jenkins:1.311
  • Jenkins 1.312
    cpe:2.3:a:jenkins:jenkins:1.312
  • Jenkins 1.313
    cpe:2.3:a:jenkins:jenkins:1.313
  • Jenkins 1.314
    cpe:2.3:a:jenkins:jenkins:1.314
  • Jenkins 1.315
    cpe:2.3:a:jenkins:jenkins:1.315
  • Jenkins 1.316
    cpe:2.3:a:jenkins:jenkins:1.316
  • Jenkins 1.317
    cpe:2.3:a:jenkins:jenkins:1.317
  • Jenkins 1.318
    cpe:2.3:a:jenkins:jenkins:1.318
  • Jenkins 1.319
    cpe:2.3:a:jenkins:jenkins:1.319
  • Jenkins 1.320
    cpe:2.3:a:jenkins:jenkins:1.320
  • Jenkins 1.321
    cpe:2.3:a:jenkins:jenkins:1.321
  • Jenkins 1.322
    cpe:2.3:a:jenkins:jenkins:1.322
  • Jenkins 1.323
    cpe:2.3:a:jenkins:jenkins:1.323
  • Jenkins 1.324
    cpe:2.3:a:jenkins:jenkins:1.324
  • Jenkins 1.325
    cpe:2.3:a:jenkins:jenkins:1.325
  • Jenkins 1.326
    cpe:2.3:a:jenkins:jenkins:1.326
  • Jenkins 1.327
    cpe:2.3:a:jenkins:jenkins:1.327
  • Jenkins 1.328
    cpe:2.3:a:jenkins:jenkins:1.328
  • Jenkins 1.329
    cpe:2.3:a:jenkins:jenkins:1.329
  • Jenkins 1.330
    cpe:2.3:a:jenkins:jenkins:1.330
  • Jenkins 1.331
    cpe:2.3:a:jenkins:jenkins:1.331
  • Jenkins 1.332
    cpe:2.3:a:jenkins:jenkins:1.332
  • Jenkins 1.333
    cpe:2.3:a:jenkins:jenkins:1.333
  • Jenkins 1.334
    cpe:2.3:a:jenkins:jenkins:1.334
  • Jenkins 1.335
    cpe:2.3:a:jenkins:jenkins:1.335
  • Jenkins 1.336
    cpe:2.3:a:jenkins:jenkins:1.336
  • Jenkins 1.337
    cpe:2.3:a:jenkins:jenkins:1.337
  • Jenkins 1.338
    cpe:2.3:a:jenkins:jenkins:1.338
  • Jenkins 1.339
    cpe:2.3:a:jenkins:jenkins:1.339
  • Jenkins 1.340
    cpe:2.3:a:jenkins:jenkins:1.340
  • Jenkins 1.341
    cpe:2.3:a:jenkins:jenkins:1.341
  • Jenkins 1.342
    cpe:2.3:a:jenkins:jenkins:1.342
  • Jenkins 1.343
    cpe:2.3:a:jenkins:jenkins:1.343
  • Jenkins 1.344
    cpe:2.3:a:jenkins:jenkins:1.344
  • Jenkins 1.345
    cpe:2.3:a:jenkins:jenkins:1.345
  • Jenkins 1.346
    cpe:2.3:a:jenkins:jenkins:1.346
  • Jenkins 1.347
    cpe:2.3:a:jenkins:jenkins:1.347
  • Jenkins 1.348
    cpe:2.3:a:jenkins:jenkins:1.348
  • Jenkins 1.349
    cpe:2.3:a:jenkins:jenkins:1.349
  • Jenkins 1.350
    cpe:2.3:a:jenkins:jenkins:1.350
  • Jenkins 1.351
    cpe:2.3:a:jenkins:jenkins:1.351
  • Jenkins 1.352
    cpe:2.3:a:jenkins:jenkins:1.352
  • Jenkins 1.353
    cpe:2.3:a:jenkins:jenkins:1.353
  • Jenkins 1.354
    cpe:2.3:a:jenkins:jenkins:1.354
  • Jenkins 1.355
    cpe:2.3:a:jenkins:jenkins:1.355
  • Jenkins 1.356
    cpe:2.3:a:jenkins:jenkins:1.356
  • Jenkins 1.357
    cpe:2.3:a:jenkins:jenkins:1.357
  • Jenkins 1.358
    cpe:2.3:a:jenkins:jenkins:1.358
  • Jenkins 1.359
    cpe:2.3:a:jenkins:jenkins:1.359
  • Jenkins 1.360
    cpe:2.3:a:jenkins:jenkins:1.360
  • Jenkins 1.361
    cpe:2.3:a:jenkins:jenkins:1.361
  • Jenkins 1.362
    cpe:2.3:a:jenkins:jenkins:1.362
  • Jenkins 1.363
    cpe:2.3:a:jenkins:jenkins:1.363
  • Jenkins 1.364
    cpe:2.3:a:jenkins:jenkins:1.364
  • Jenkins 1.365
    cpe:2.3:a:jenkins:jenkins:1.365
  • Jenkins 1.366
    cpe:2.3:a:jenkins:jenkins:1.366
  • Jenkins 1.367
    cpe:2.3:a:jenkins:jenkins:1.367
  • Jenkins 1.368
    cpe:2.3:a:jenkins:jenkins:1.368
  • Jenkins 1.369
    cpe:2.3:a:jenkins:jenkins:1.369
  • Jenkins 1.370
    cpe:2.3:a:jenkins:jenkins:1.370
  • Jenkins 1.371
    cpe:2.3:a:jenkins:jenkins:1.371
  • Jenkins 1.372
    cpe:2.3:a:jenkins:jenkins:1.372
  • Jenkins 1.373
    cpe:2.3:a:jenkins:jenkins:1.373
  • Jenkins 1.374
    cpe:2.3:a:jenkins:jenkins:1.374
  • Jenkins 1.375
    cpe:2.3:a:jenkins:jenkins:1.375
  • Jenkins 1.376
    cpe:2.3:a:jenkins:jenkins:1.376
  • Jenkins 1.377
    cpe:2.3:a:jenkins:jenkins:1.377
  • Jenkins 1.378
    cpe:2.3:a:jenkins:jenkins:1.378
  • Jenkins 1.379
    cpe:2.3:a:jenkins:jenkins:1.379
  • Jenkins 1.380
    cpe:2.3:a:jenkins:jenkins:1.380
  • Jenkins 1.381
    cpe:2.3:a:jenkins:jenkins:1.381
  • Jenkins 1.382
    cpe:2.3:a:jenkins:jenkins:1.382
  • Jenkins 1.383
    cpe:2.3:a:jenkins:jenkins:1.383
  • Jenkins 1.384
    cpe:2.3:a:jenkins:jenkins:1.384
  • Jenkins 1.385
    cpe:2.3:a:jenkins:jenkins:1.385
  • Jenkins 1.386
    cpe:2.3:a:jenkins:jenkins:1.386
  • Jenkins 1.387
    cpe:2.3:a:jenkins:jenkins:1.387
  • Jenkins 1.388
    cpe:2.3:a:jenkins:jenkins:1.388
  • Jenkins 1.389
    cpe:2.3:a:jenkins:jenkins:1.389
  • Jenkins 1.390
    cpe:2.3:a:jenkins:jenkins:1.390
  • Jenkins 1.391
    cpe:2.3:a:jenkins:jenkins:1.391
  • Jenkins 1.392
    cpe:2.3:a:jenkins:jenkins:1.392
  • Jenkins 1.393
    cpe:2.3:a:jenkins:jenkins:1.393
  • Jenkins 1.394
    cpe:2.3:a:jenkins:jenkins:1.394
  • Jenkins 1.395
    cpe:2.3:a:jenkins:jenkins:1.395
  • Jenkins 1.395.1
    cpe:2.3:a:jenkins:jenkins:1.395.1
  • Jenkins 1.396
    cpe:2.3:a:jenkins:jenkins:1.396
  • Jenkins 1.397
    cpe:2.3:a:jenkins:jenkins:1.397
  • Jenkins 1.398
    cpe:2.3:a:jenkins:jenkins:1.398
  • Jenkins 1.399
    cpe:2.3:a:jenkins:jenkins:1.399
  • Jenkins 1.400
    cpe:2.3:a:jenkins:jenkins:1.400
  • Jenkins 1.401
    cpe:2.3:a:jenkins:jenkins:1.401
  • Jenkins 1.402
    cpe:2.3:a:jenkins:jenkins:1.402
  • Jenkins 1.403
    cpe:2.3:a:jenkins:jenkins:1.403
  • Jenkins 1.404
    cpe:2.3:a:jenkins:jenkins:1.404
  • Jenkins 1.405
    cpe:2.3:a:jenkins:jenkins:1.405
  • Jenkins 1.406
    cpe:2.3:a:jenkins:jenkins:1.406
  • Jenkins 1.407
    cpe:2.3:a:jenkins:jenkins:1.407
  • Jenkins 1.408
    cpe:2.3:a:jenkins:jenkins:1.408
  • Jenkins 1.409
    cpe:2.3:a:jenkins:jenkins:1.409
  • Jenkins 1.409.1
    cpe:2.3:a:jenkins:jenkins:1.409.1
  • Jenkins 1.409.1 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.409.1:-:-:-:lts
  • Jenkins 1.409.2 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.409.2:-:-:-:lts
  • Jenkins 1.409.3 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.409.3:-:-:-:lts
  • Jenkins 1.410
    cpe:2.3:a:jenkins:jenkins:1.410
  • Jenkins 1.411
    cpe:2.3:a:jenkins:jenkins:1.411
  • Jenkins 1.412
    cpe:2.3:a:jenkins:jenkins:1.412
  • Jenkins 1.413
    cpe:2.3:a:jenkins:jenkins:1.413
  • Jenkins 1.414
    cpe:2.3:a:jenkins:jenkins:1.414
  • Jenkins 1.415
    cpe:2.3:a:jenkins:jenkins:1.415
  • Jenkins 1.416
    cpe:2.3:a:jenkins:jenkins:1.416
  • Jenkins 1.417
    cpe:2.3:a:jenkins:jenkins:1.417
  • Jenkins 1.418
    cpe:2.3:a:jenkins:jenkins:1.418
  • Jenkins 1.419
    cpe:2.3:a:jenkins:jenkins:1.419
  • Jenkins 1.419 LTS Edition
    cpe:2.3:a:jenkins:jenkins:1.419:-:-:-:lts
  • Jenkins 1.420
    cpe:2.3:a:jenkins:jenkins:1.420
  • Jenkins 1.421
    cpe:2.3:a:jenkins:jenkins:1.421
  • Jenkins 1.421 LTS Edition
    cpe:2.3:a:jenkins:jenkins:1.421:-:-:-:lts
  • Jenkins 1.422
    cpe:2.3:a:jenkins:jenkins:1.422
  • Jenkins 1.423
    cpe:2.3:a:jenkins:jenkins:1.423
  • Jenkins 1.424
    cpe:2.3:a:jenkins:jenkins:1.424
  • Jenkins 1.424.1 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.424.1:-:-:-:lts
  • Jenkins 1.424.2 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.424.2:-:-:-:lts
  • Jenkins 1.424.3 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.424.3:-:-:-:lts
  • Jenkins 1.424.4 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.424.4:-:-:-:lts
  • Jenkins 1.424.5 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.424.5:-:-:-:lts
  • Jenkins 1.424.6 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.424.6:-:-:-:lts
  • Jenkins 1.425
    cpe:2.3:a:jenkins:jenkins:1.425
  • Jenkins 1.426
    cpe:2.3:a:jenkins:jenkins:1.426
  • Jenkins 1.427
    cpe:2.3:a:jenkins:jenkins:1.427
  • Jenkins 1.428
    cpe:2.3:a:jenkins:jenkins:1.428
  • Jenkins 1.429
    cpe:2.3:a:jenkins:jenkins:1.429
  • Jenkins 1.430
    cpe:2.3:a:jenkins:jenkins:1.430
  • Jenkins 1.431
    cpe:2.3:a:jenkins:jenkins:1.431
  • Jenkins 1.432
    cpe:2.3:a:jenkins:jenkins:1.432
  • Jenkins 1.433
    cpe:2.3:a:jenkins:jenkins:1.433
  • Jenkins 1.434
    cpe:2.3:a:jenkins:jenkins:1.434
  • Jenkins 1.435
    cpe:2.3:a:jenkins:jenkins:1.435
  • Jenkins 1.436
    cpe:2.3:a:jenkins:jenkins:1.436
  • Jenkins 1.437
    cpe:2.3:a:jenkins:jenkins:1.437
  • Jenkins 1.438
    cpe:2.3:a:jenkins:jenkins:1.438
  • Jenkins 1.439
    cpe:2.3:a:jenkins:jenkins:1.439
  • Jenkins 1.440
    cpe:2.3:a:jenkins:jenkins:1.440
  • Jenkins 1.441
    cpe:2.3:a:jenkins:jenkins:1.441
  • Jenkins 1.442
    cpe:2.3:a:jenkins:jenkins:1.442
  • Jenkins 1.443
    cpe:2.3:a:jenkins:jenkins:1.443
  • Jenkins 1.444
    cpe:2.3:a:jenkins:jenkins:1.444
  • Jenkins 1.445
    cpe:2.3:a:jenkins:jenkins:1.445
  • Jenkins 1.446
    cpe:2.3:a:jenkins:jenkins:1.446
  • Jenkins 1.447
    cpe:2.3:a:jenkins:jenkins:1.447
  • Jenkins 1.447.1 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.447.1:-:-:-:lts
  • Jenkins 1.447.2 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.447.2:-:-:-:lts
  • Jenkins 1.448
    cpe:2.3:a:jenkins:jenkins:1.448
  • Jenkins 1.449
    cpe:2.3:a:jenkins:jenkins:1.449
  • Jenkins 1.450
    cpe:2.3:a:jenkins:jenkins:1.450
  • Jenkins 1.451
    cpe:2.3:a:jenkins:jenkins:1.451
  • Jenkins 1.452
    cpe:2.3:a:jenkins:jenkins:1.452
  • Jenkins 1.453
    cpe:2.3:a:jenkins:jenkins:1.453
  • Jenkins 1.454
    cpe:2.3:a:jenkins:jenkins:1.454
  • Jenkins 1.455
    cpe:2.3:a:jenkins:jenkins:1.455
  • Jenkins 1.456
    cpe:2.3:a:jenkins:jenkins:1.456
  • Jenkins 1.457
    cpe:2.3:a:jenkins:jenkins:1.457
  • Jenkins 1.458
    cpe:2.3:a:jenkins:jenkins:1.458
  • Jenkins 1.459
    cpe:2.3:a:jenkins:jenkins:1.459
  • Jenkins 1.460
    cpe:2.3:a:jenkins:jenkins:1.460
  • Jenkins 1.461
    cpe:2.3:a:jenkins:jenkins:1.461
  • Jenkins 1.462
    cpe:2.3:a:jenkins:jenkins:1.462
  • Jenkins 1.463
    cpe:2.3:a:jenkins:jenkins:1.463
  • Jenkins 1.464
    cpe:2.3:a:jenkins:jenkins:1.464
  • Jenkins 1.465
    cpe:2.3:a:jenkins:jenkins:1.465
  • Jenkins 1.466
    cpe:2.3:a:jenkins:jenkins:1.466
  • Jenkins 1.466.1 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.466.1:-:-:-:lts
  • Jenkins 1.466.2 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.466.2:-:-:-:lts
  • Jenkins 1.467
    cpe:2.3:a:jenkins:jenkins:1.467
  • Jenkins 1.468
    cpe:2.3:a:jenkins:jenkins:1.468
  • Jenkins 1.469
    cpe:2.3:a:jenkins:jenkins:1.469
  • Jenkins 1.470
    cpe:2.3:a:jenkins:jenkins:1.470
  • Jenkins 1.471
    cpe:2.3:a:jenkins:jenkins:1.471
  • Jenkins 1.472
    cpe:2.3:a:jenkins:jenkins:1.472
  • Jenkins 1.473
    cpe:2.3:a:jenkins:jenkins:1.473
  • Jenkins 1.474
    cpe:2.3:a:jenkins:jenkins:1.474
  • Jenkins 1.475
    cpe:2.3:a:jenkins:jenkins:1.475
  • Jenkins 1.476
    cpe:2.3:a:jenkins:jenkins:1.476
  • Jenkins 1.477
    cpe:2.3:a:jenkins:jenkins:1.477
  • Jenkins 1.478
    cpe:2.3:a:jenkins:jenkins:1.478
  • Jenkins 1.479
    cpe:2.3:a:jenkins:jenkins:1.479
  • Jenkins 1.480
    cpe:2.3:a:jenkins:jenkins:1.480
  • Jenkins 1.480.1 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.480.1:-:-:-:lts
  • Jenkins 1.480.2 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.480.2:-:-:-:lts
  • Jenkins 1.480.3 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.480.3:-:-:-:lts
  • Jenkins 1.480.3.1
    cpe:2.3:a:jenkins:jenkins:1.480.3.1
  • Jenkins 1.481
    cpe:2.3:a:jenkins:jenkins:1.481
  • Jenkins 1.482
    cpe:2.3:a:jenkins:jenkins:1.482
  • Jenkins 1.483
    cpe:2.3:a:jenkins:jenkins:1.483
  • Jenkins 1.483 LTS Edition
    cpe:2.3:a:jenkins:jenkins:1.483:-:-:-:lts
  • Jenkins 1.484
    cpe:2.3:a:jenkins:jenkins:1.484
  • Jenkins 1.485
    cpe:2.3:a:jenkins:jenkins:1.485
  • Jenkins 1.486
    cpe:2.3:a:jenkins:jenkins:1.486
  • Jenkins 1.487
    cpe:2.3:a:jenkins:jenkins:1.487
  • Jenkins 1.488
    cpe:2.3:a:jenkins:jenkins:1.488
  • Jenkins 1.489
    cpe:2.3:a:jenkins:jenkins:1.489
  • Jenkins 1.489 LTS Edition
    cpe:2.3:a:jenkins:jenkins:1.489:-:-:-:lts
  • Jenkins 1.490
    cpe:2.3:a:jenkins:jenkins:1.490
  • Jenkins 1.491
    cpe:2.3:a:jenkins:jenkins:1.491
  • Jenkins 1.492
    cpe:2.3:a:jenkins:jenkins:1.492
  • Jenkins 1.493
    cpe:2.3:a:jenkins:jenkins:1.493
  • Jenkins 1.494
    cpe:2.3:a:jenkins:jenkins:1.494
  • Jenkins 1.495
    cpe:2.3:a:jenkins:jenkins:1.495
  • Jenkins 1.496
    cpe:2.3:a:jenkins:jenkins:1.496
  • Jenkins 1.497
    cpe:2.3:a:jenkins:jenkins:1.497
  • Jenkins 1.498
    cpe:2.3:a:jenkins:jenkins:1.498
  • Jenkins 1.499
    cpe:2.3:a:jenkins:jenkins:1.499
  • Jenkins 1.500
    cpe:2.3:a:jenkins:jenkins:1.500
  • Jenkins 1.501
    cpe:2.3:a:jenkins:jenkins:1.501
  • Jenkins 1.502
    cpe:2.3:a:jenkins:jenkins:1.502
  • Jenkins 1.503
    cpe:2.3:a:jenkins:jenkins:1.503
  • Jenkins 1.504
    cpe:2.3:a:jenkins:jenkins:1.504
  • Jenkins 1.505
    cpe:2.3:a:jenkins:jenkins:1.505
  • Jenkins 1.506
    cpe:2.3:a:jenkins:jenkins:1.506
  • Jenkins 1.507
    cpe:2.3:a:jenkins:jenkins:1.507
  • Jenkins 1.508
    cpe:2.3:a:jenkins:jenkins:1.508
  • Jenkins 1.509
    cpe:2.3:a:jenkins:jenkins:1.509
  • Jenkins 1.509.1 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.509.1:-:-:-:lts
  • Jenkins 1.509.2 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.509.2:-:-:-:lts
  • Jenkins 1.509.3 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.509.3:-:-:-:lts
  • Jenkins 1.509.4 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.509.4:-:-:-:lts
  • Jenkins 1.510
    cpe:2.3:a:jenkins:jenkins:1.510
  • Jenkins 1.511
    cpe:2.3:a:jenkins:jenkins:1.511
  • Jenkins 1.512
    cpe:2.3:a:jenkins:jenkins:1.512
  • Jenkins 1.513
    cpe:2.3:a:jenkins:jenkins:1.513
  • Jenkins 1.514
    cpe:2.3:a:jenkins:jenkins:1.514
  • Jenkins 1.515
    cpe:2.3:a:jenkins:jenkins:1.515
  • Jenkins 1.516
    cpe:2.3:a:jenkins:jenkins:1.516
  • Jenkins 1.517
    cpe:2.3:a:jenkins:jenkins:1.517
  • Jenkins 1.518
    cpe:2.3:a:jenkins:jenkins:1.518
  • Jenkins 1.519
    cpe:2.3:a:jenkins:jenkins:1.519
  • Jenkins 1.520
    cpe:2.3:a:jenkins:jenkins:1.520
  • Jenkins 1.521
    cpe:2.3:a:jenkins:jenkins:1.521
  • Jenkins 1.522
    cpe:2.3:a:jenkins:jenkins:1.522
  • Jenkins 1.523
    cpe:2.3:a:jenkins:jenkins:1.523
  • Jenkins 1.524
    cpe:2.3:a:jenkins:jenkins:1.524
  • Jenkins 1.525
    cpe:2.3:a:jenkins:jenkins:1.525
  • Jenkins 1.526
    cpe:2.3:a:jenkins:jenkins:1.526
  • Jenkins 1.527
    cpe:2.3:a:jenkins:jenkins:1.527
  • Jenkins 1.528
    cpe:2.3:a:jenkins:jenkins:1.528
  • Jenkins 1.529
    cpe:2.3:a:jenkins:jenkins:1.529
  • Jenkins 1.530
    cpe:2.3:a:jenkins:jenkins:1.530
  • Jenkins 1.531
    cpe:2.3:a:jenkins:jenkins:1.531
  • Jenkins 1.532
    cpe:2.3:a:jenkins:jenkins:1.532
  • Jenkins 1.532.1 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.532.1:-:-:-:lts
  • Jenkins 1.532.2 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.532.2:-:-:-:lts
  • Jenkins 1.532.3 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.532.3:-:-:-:lts
  • Jenkins 1.533
    cpe:2.3:a:jenkins:jenkins:1.533
  • Jenkins 1.534
    cpe:2.3:a:jenkins:jenkins:1.534
  • Jenkins 1.535
    cpe:2.3:a:jenkins:jenkins:1.535
  • Jenkins 1.536
    cpe:2.3:a:jenkins:jenkins:1.536
  • Jenkins 1.537
    cpe:2.3:a:jenkins:jenkins:1.537
  • Jenkins 1.538
    cpe:2.3:a:jenkins:jenkins:1.538
  • Jenkins 1.539
    cpe:2.3:a:jenkins:jenkins:1.539
  • Jenkins 1.540
    cpe:2.3:a:jenkins:jenkins:1.540
  • Jenkins 1.541
    cpe:2.3:a:jenkins:jenkins:1.541
  • Jenkins 1.542
    cpe:2.3:a:jenkins:jenkins:1.542
  • Jenkins 1.543
    cpe:2.3:a:jenkins:jenkins:1.543
  • Jenkins 1.544
    cpe:2.3:a:jenkins:jenkins:1.544
  • Jenkins 1.545
    cpe:2.3:a:jenkins:jenkins:1.545
  • Jenkins 1.546
    cpe:2.3:a:jenkins:jenkins:1.546
  • Jenkins 1.547
    cpe:2.3:a:jenkins:jenkins:1.547
  • Jenkins 1.548
    cpe:2.3:a:jenkins:jenkins:1.548
  • Jenkins 1.549
    cpe:2.3:a:jenkins:jenkins:1.549
  • Jenkins 1.550
    cpe:2.3:a:jenkins:jenkins:1.550
  • Jenkins 1.551
    cpe:2.3:a:jenkins:jenkins:1.551
  • Jenkins 1.552
    cpe:2.3:a:jenkins:jenkins:1.552
  • Jenkins 1.553
    cpe:2.3:a:jenkins:jenkins:1.553
  • Jenkins 1.554
    cpe:2.3:a:jenkins:jenkins:1.554
  • Jenkins 1.554.1 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.554.1:-:-:-:lts
  • Jenkins 1.554.2 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.554.2:-:-:-:lts
  • Jenkins 1.554.3 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.554.3:-:-:-:lts
  • Jenkins 1.555
    cpe:2.3:a:jenkins:jenkins:1.555
  • Jenkins 1.556
    cpe:2.3:a:jenkins:jenkins:1.556
  • Jenkins 1.557
    cpe:2.3:a:jenkins:jenkins:1.557
  • Jenkins 1.558
    cpe:2.3:a:jenkins:jenkins:1.558
  • Jenkins 1.559
    cpe:2.3:a:jenkins:jenkins:1.559
  • Jenkins 1.560
    cpe:2.3:a:jenkins:jenkins:1.560
  • Jenkins 1.561
    cpe:2.3:a:jenkins:jenkins:1.561
  • Jenkins 1.562
    cpe:2.3:a:jenkins:jenkins:1.562
  • Jenkins 1.563
    cpe:2.3:a:jenkins:jenkins:1.563
  • Jenkins 1.564
    cpe:2.3:a:jenkins:jenkins:1.564
  • Jenkins 1.565
    cpe:2.3:a:jenkins:jenkins:1.565
  • Jenkins 1.565.1 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.565.1:-:-:-:lts
  • Jenkins 1.565.2 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.565.2:-:-:-:lts
  • Jenkins 1.565.3 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.565.3:-:-:-:lts
  • Jenkins 1.566
    cpe:2.3:a:jenkins:jenkins:1.566
  • Jenkins 1.567
    cpe:2.3:a:jenkins:jenkins:1.567
  • Jenkins 1.568
    cpe:2.3:a:jenkins:jenkins:1.568
  • Jenkins 1.569
    cpe:2.3:a:jenkins:jenkins:1.569
  • Jenkins 1.570
    cpe:2.3:a:jenkins:jenkins:1.570
  • Jenkins 1.571
    cpe:2.3:a:jenkins:jenkins:1.571
  • Jenkins 1.572
    cpe:2.3:a:jenkins:jenkins:1.572
  • Jenkins 1.573
    cpe:2.3:a:jenkins:jenkins:1.573
  • Jenkins 1.574
    cpe:2.3:a:jenkins:jenkins:1.574
  • Jenkins 1.575
    cpe:2.3:a:jenkins:jenkins:1.575
  • Jenkins 1.576
    cpe:2.3:a:jenkins:jenkins:1.576
  • Jenkins 1.577
    cpe:2.3:a:jenkins:jenkins:1.577
  • Jenkins 1.578
    cpe:2.3:a:jenkins:jenkins:1.578
  • Jenkins 1.579
    cpe:2.3:a:jenkins:jenkins:1.579
  • Jenkins 1.580
    cpe:2.3:a:jenkins:jenkins:1.580
  • Jenkins 1.580.1 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.580.1:-:-:-:lts
  • Jenkins 1.580.2 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.580.2:-:-:-:lts
  • Jenkins 1.580.3 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.580.3:-:-:-:lts
  • Jenkins 1.581
    cpe:2.3:a:jenkins:jenkins:1.581
  • Jenkins 1.582
    cpe:2.3:a:jenkins:jenkins:1.582
  • Jenkins 1.583
    cpe:2.3:a:jenkins:jenkins:1.583
  • Jenkins 1.584
    cpe:2.3:a:jenkins:jenkins:1.584
  • Jenkins 1.585
    cpe:2.3:a:jenkins:jenkins:1.585
  • Jenkins 1.586
    cpe:2.3:a:jenkins:jenkins:1.586
  • Jenkins 1.587
    cpe:2.3:a:jenkins:jenkins:1.587
  • Jenkins 1.588
    cpe:2.3:a:jenkins:jenkins:1.588
  • Jenkins 1.589
    cpe:2.3:a:jenkins:jenkins:1.589
  • Jenkins 1.590
    cpe:2.3:a:jenkins:jenkins:1.590
  • Jenkins 1.591
    cpe:2.3:a:jenkins:jenkins:1.591
  • Jenkins 1.592
    cpe:2.3:a:jenkins:jenkins:1.592
  • Jenkins 1.593
    cpe:2.3:a:jenkins:jenkins:1.593
  • Jenkins 1.594
    cpe:2.3:a:jenkins:jenkins:1.594
  • Jenkins 1.595
    cpe:2.3:a:jenkins:jenkins:1.595
  • Jenkins 1.596
    cpe:2.3:a:jenkins:jenkins:1.596
  • Jenkins 1.596.1 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.596.1:-:-:-:lts
  • Jenkins 1.596.2 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.596.2:-:-:-:lts
  • Jenkins 1.596.3 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.596.3:-:-:-:lts
  • Jenkins 1.597
    cpe:2.3:a:jenkins:jenkins:1.597
  • Jenkins 1.598
    cpe:2.3:a:jenkins:jenkins:1.598
  • Jenkins 1.599
    cpe:2.3:a:jenkins:jenkins:1.599
  • Jenkins 1.600
    cpe:2.3:a:jenkins:jenkins:1.600
  • Jenkins 1.601
    cpe:2.3:a:jenkins:jenkins:1.601
  • Jenkins 1.602
    cpe:2.3:a:jenkins:jenkins:1.602
  • Jenkins 1.603
    cpe:2.3:a:jenkins:jenkins:1.603
  • Jenkins 1.604
    cpe:2.3:a:jenkins:jenkins:1.604
  • Jenkins 1.605
    cpe:2.3:a:jenkins:jenkins:1.605
  • Jenkins 1.606
    cpe:2.3:a:jenkins:jenkins:1.606
  • Jenkins 1.607
    cpe:2.3:a:jenkins:jenkins:1.607
  • Jenkins 1.608
    cpe:2.3:a:jenkins:jenkins:1.608
  • Jenkins 1.609
    cpe:2.3:a:jenkins:jenkins:1.609
  • Jenkins 1.609.1 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.609.1:-:-:-:lts
  • Jenkins 1.609.2 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.609.2:-:-:-:lts
  • Jenkins 1.609.3 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.609.3:-:-:-:lts
  • Jenkins 1.610
    cpe:2.3:a:jenkins:jenkins:1.610
  • Jenkins 1.611
    cpe:2.3:a:jenkins:jenkins:1.611
  • Jenkins 1.612
    cpe:2.3:a:jenkins:jenkins:1.612
  • Jenkins 1.613
    cpe:2.3:a:jenkins:jenkins:1.613
  • Jenkins 1.614
    cpe:2.3:a:jenkins:jenkins:1.614
  • Jenkins 1.615
    cpe:2.3:a:jenkins:jenkins:1.615
  • Jenkins 1.616
    cpe:2.3:a:jenkins:jenkins:1.616
  • Jenkins 1.617
    cpe:2.3:a:jenkins:jenkins:1.617
  • Jenkins 1.618
    cpe:2.3:a:jenkins:jenkins:1.618
  • Jenkins 1.619
    cpe:2.3:a:jenkins:jenkins:1.619
  • Jenkins 1.620
    cpe:2.3:a:jenkins:jenkins:1.620
  • Jenkins 1.621
    cpe:2.3:a:jenkins:jenkins:1.621
  • Jenkins 1.622
    cpe:2.3:a:jenkins:jenkins:1.622
  • Jenkins 1.623
    cpe:2.3:a:jenkins:jenkins:1.623
  • Jenkins 1.624
    cpe:2.3:a:jenkins:jenkins:1.624
  • Jenkins 1.625
    cpe:2.3:a:jenkins:jenkins:1.625
  • Jenkins 1.625.1 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.625.1:-:-:-:lts
  • Jenkins 1.625.2 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.625.2:-:-:-:lts
  • Jenkins 1.625.3 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.625.3:-:-:-:lts
  • Jenkins 1.626
    cpe:2.3:a:jenkins:jenkins:1.626
  • Jenkins 1.627
    cpe:2.3:a:jenkins:jenkins:1.627
  • Jenkins 1.628
    cpe:2.3:a:jenkins:jenkins:1.628
  • Jenkins 1.629
    cpe:2.3:a:jenkins:jenkins:1.629
  • Jenkins 1.630
    cpe:2.3:a:jenkins:jenkins:1.630
  • Jenkins 1.631
    cpe:2.3:a:jenkins:jenkins:1.631
  • Jenkins 1.632
    cpe:2.3:a:jenkins:jenkins:1.632
  • Jenkins 1.633
    cpe:2.3:a:jenkins:jenkins:1.633
  • Jenkins 1.634
    cpe:2.3:a:jenkins:jenkins:1.634
  • Jenkins 1.635
    cpe:2.3:a:jenkins:jenkins:1.635
  • Jenkins 1.636
    cpe:2.3:a:jenkins:jenkins:1.636
  • Jenkins 1.637
    cpe:2.3:a:jenkins:jenkins:1.637
  • Jenkins 1.637 LTS Edition
    cpe:2.3:a:jenkins:jenkins:1.637:-:-:-:lts
  • Jenkins 1.638
    cpe:2.3:a:jenkins:jenkins:1.638
  • Jenkins Jenkins 1.639
    cpe:2.3:a:jenkins:jenkins:1.639
  • Jenkins 1.640
    cpe:2.3:a:jenkins:jenkins:1.640
  • Jenkins 1.641
    cpe:2.3:a:jenkins:jenkins:1.641
  • Jenkins 1.642
    cpe:2.3:a:jenkins:jenkins:1.642
  • Jenkins 1.642.1 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.642.1:-:-:-:lts
  • Jenkins 1.642.2 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.642.2:-:-:-:lts
  • Jenkins 1.642.3 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.642.3:-:-:-:lts
  • Jenkins 1.642.4 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.642.4:-:-:-:lts
  • Jenkins 1.643
    cpe:2.3:a:jenkins:jenkins:1.643
  • Jenkins 1.644
    cpe:2.3:a:jenkins:jenkins:1.644
  • Jenkins 1.645
    cpe:2.3:a:jenkins:jenkins:1.645
  • Jenkins 1.646
    cpe:2.3:a:jenkins:jenkins:1.646
  • Jenkins 1.647
    cpe:2.3:a:jenkins:jenkins:1.647
  • Jenkins 1.648
    cpe:2.3:a:jenkins:jenkins:1.648
  • Jenkins 1.649
    cpe:2.3:a:jenkins:jenkins:1.649
  • Jenkins 1.650
    cpe:2.3:a:jenkins:jenkins:1.650
  • Jenkins 1.651
    cpe:2.3:a:jenkins:jenkins:1.651
  • Jenkins 1.651.1 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.651.1:-:-:-:lts
  • Jenkins 1.651.2 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.651.2:-:-:-:lts
  • Jenkins 1.651.3 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:1.651.3:-:-:-:lts
  • Jenkins 1.652
    cpe:2.3:a:jenkins:jenkins:1.652
  • Jenkins 1.653
    cpe:2.3:a:jenkins:jenkins:1.653
  • Jenkins 1.654
    cpe:2.3:a:jenkins:jenkins:1.654
  • Jenkins 1.655
    cpe:2.3:a:jenkins:jenkins:1.655
  • Jenkins 1.656
    cpe:2.3:a:jenkins:jenkins:1.656
  • Jenkins 1.657
    cpe:2.3:a:jenkins:jenkins:1.657
  • Jenkins 1.658
    cpe:2.3:a:jenkins:jenkins:1.658
  • Jenkins 2.0
    cpe:2.3:a:jenkins:jenkins:2.0
  • Jenkins 2.0 LTS Edition
    cpe:2.3:a:jenkins:jenkins:2.0:-:-:-:lts
  • Jenkins 2.1
    cpe:2.3:a:jenkins:jenkins:2.1
  • Jenkins 2.2
    cpe:2.3:a:jenkins:jenkins:2.2
  • Jenkins 2.3
    cpe:2.3:a:jenkins:jenkins:2.3
  • Jenkins 2.4
    cpe:2.3:a:jenkins:jenkins:2.4
  • Jenkins 2.5
    cpe:2.3:a:jenkins:jenkins:2.5
  • Jenkins 2.6
    cpe:2.3:a:jenkins:jenkins:2.6
  • Jenkins 2.7
    cpe:2.3:a:jenkins:jenkins:2.7
  • Jenkins 2.7.1
    cpe:2.3:a:jenkins:jenkins:2.7.1
  • Jenkins 2.7.1 LTS Edition
    cpe:2.3:a:jenkins:jenkins:2.7.1:-:-:-:lts
  • Jenkins 2.7.2
    cpe:2.3:a:jenkins:jenkins:2.7.2
  • Jenkins 2.7.2 LTS Edition
    cpe:2.3:a:jenkins:jenkins:2.7.2:-:-:-:lts
  • Jenkins 2.7.3
    cpe:2.3:a:jenkins:jenkins:2.7.3
  • Jenkins 2.7.3 LTS Edition
    cpe:2.3:a:jenkins:jenkins:2.7.3:-:-:-:lts
  • Jenkins 2.7.4
    cpe:2.3:a:jenkins:jenkins:2.7.4
  • Jenkins 2.7.4 LTS Edition
    cpe:2.3:a:jenkins:jenkins:2.7.4:-:-:-:lts
  • Jenkins 2.8
    cpe:2.3:a:jenkins:jenkins:2.8
  • Jenkins 2.9
    cpe:2.3:a:jenkins:jenkins:2.9
  • Jenkins 2.10
    cpe:2.3:a:jenkins:jenkins:2.10
  • Jenkins 2.11
    cpe:2.3:a:jenkins:jenkins:2.11
  • Jenkins 2.12
    cpe:2.3:a:jenkins:jenkins:2.12
  • Jenkins 2.13
    cpe:2.3:a:jenkins:jenkins:2.13
  • Jenkins 2.14
    cpe:2.3:a:jenkins:jenkins:2.14
  • Jenkins 2.14 LTS Edition
    cpe:2.3:a:jenkins:jenkins:2.14:-:-:-:lts
  • Jenkins 2.15
    cpe:2.3:a:jenkins:jenkins:2.15
  • Jenkins 2.15 LTS Edition
    cpe:2.3:a:jenkins:jenkins:2.15:-:-:-:lts
  • Jenkins 2.16
    cpe:2.3:a:jenkins:jenkins:2.16
  • Jenkins 2.17
    cpe:2.3:a:jenkins:jenkins:2.17
  • Jenkins 2.18
    cpe:2.3:a:jenkins:jenkins:2.18
  • Jenkins 2.19
    cpe:2.3:a:jenkins:jenkins:2.19
  • Jenkins 2.19.1
    cpe:2.3:a:jenkins:jenkins:2.19.1
  • Jenkins 2.19.1 LTS Edition
    cpe:2.3:a:jenkins:jenkins:2.19.1:-:-:-:lts
  • Jenkins 2.19.2 Long Term Support (LTS)
    cpe:2.3:a:jenkins:jenkins:2.19.2:-:-:-:lts
  • Jenkins 2.19.3
    cpe:2.3:a:jenkins:jenkins:2.19.3
  • Jenkins 2.19.3 LTS Edition
    cpe:2.3:a:jenkins:jenkins:2.19.3:-:-:-:lts
  • Jenkins 2.19.4
    cpe:2.3:a:jenkins:jenkins:2.19.4
  • Jenkins 2.19.4 LTS Edition
    cpe:2.3:a:jenkins:jenkins:2.19.4:-:-:-:lts
  • Jenkins 2.20
    cpe:2.3:a:jenkins:jenkins:2.20
  • Jenkins 2.20 LTS Edition
    cpe:2.3:a:jenkins:jenkins:2.20:-:-:-:lts
  • Jenkins 2.21
    cpe:2.3:a:jenkins:jenkins:2.21
  • Jenkins 2.22
    cpe:2.3:a:jenkins:jenkins:2.22
  • Jenkins 2.23
    cpe:2.3:a:jenkins:jenkins:2.23
  • Jenkins 2.24
    cpe:2.3:a:jenkins:jenkins:2.24
  • Jenkins 2.25
    cpe:2.3:a:jenkins:jenkins:2.25
  • Jenkins 2.26
    cpe:2.3:a:jenkins:jenkins:2.26
  • Jenkins 2.27
    cpe:2.3:a:jenkins:jenkins:2.27
  • Jenkins 2.28
    cpe:2.3:a:jenkins:jenkins:2.28
  • Jenkins 2.29
    cpe:2.3:a:jenkins:jenkins:2.29
  • Jenkins 2.30
    cpe:2.3:a:jenkins:jenkins:2.30
  • Jenkins 2.31
    cpe:2.3:a:jenkins:jenkins:2.31
  • Jenkins 2.32
    cpe:2.3:a:jenkins:jenkins:2.32
  • Jenkins 2.32.1
    cpe:2.3:a:jenkins:jenkins:2.32.1
  • Jenkins 2.32.1 LTS Edition
    cpe:2.3:a:jenkins:jenkins:2.32.1:-:-:-:lts
  • Jenkins 2.32.2
    cpe:2.3:a:jenkins:jenkins:2.32.2
  • Jenkins 2.32.2 LTS Edition
    cpe:2.3:a:jenkins:jenkins:2.32.2:-:-:-:lts
  • Jenkins 2.32.3
    cpe:2.3:a:jenkins:jenkins:2.32.3
  • Jenkins 2.32.3 LTS Edition
    cpe:2.3:a:jenkins:jenkins:2.32.3:-:-:-:lts
  • Jenkins 2.33
    cpe:2.3:a:jenkins:jenkins:2.33
  • Jenkins 2.34
    cpe:2.3:a:jenkins:jenkins:2.34
  • Jenkins 2.35
    cpe:2.3:a:jenkins:jenkins:2.35
  • Jenkins 2.36
    cpe:2.3:a:jenkins:jenkins:2.36
  • Jenkins 2.37
    cpe:2.3:a:jenkins:jenkins:2.37
  • Jenkins 2.38
    cpe:2.3:a:jenkins:jenkins:2.38
  • Jenkins 2.39
    cpe:2.3:a:jenkins:jenkins:2.39
  • Jenkins 2.40
    cpe:2.3:a:jenkins:jenkins:2.40
  • Jenkins 2.41
    cpe:2.3:a:jenkins:jenkins:2.41
  • Jenkins 2.42
    cpe:2.3:a:jenkins:jenkins:2.42
  • Jenkins 2.43
    cpe:2.3:a:jenkins:jenkins:2.43
CVSS
Base: 3.5
Impact:
Exploitability:
CWE CWE-79
CAPEC
  • Cross Site Scripting through Log Files
    An attacker may leverage a system weakness where logs are susceptible to log injection to insert scripts into the system's logs. If these logs are later viewed by an administrator through a thin administrative interface and the log data is not properly HTML encoded before being written to the page, the attackers' scripts stored in the log will be executed in the administrative interface with potentially serious consequences. This attack pattern is really a combination of two other attack patterns: log injection and stored cross site scripting.
  • Embedding Scripts in Non-Script Elements
    This attack is a form of Cross-Site Scripting (XSS) where malicious scripts are embedded in elements that are not expected to host scripts such as image tags (<img>), comments in XML documents (< !-CDATA->), etc. These tags may not be subject to the same input validation, output validation, and other content filtering and checking routines, so this can create an opportunity for an attacker to tunnel through the application's elements and launch a XSS attack through other elements. As with all remote attacks, it is important to differentiate the ability to launch an attack (such as probing an internal network for unpatched servers) and the ability of the remote attacker to collect and interpret the output of said attack.
  • Embedding Scripts within Scripts
    An attack of this type exploits a programs' vulnerabilities that are brought on by allowing remote hosts to execute scripts. The attacker leverages this capability to execute scripts to execute his/her own script by embedding it within other scripts that the target software is likely to execute. The attacker must have the ability to inject script into script that is likely to be executed. If this is done, then the attacker can potentially launch a variety of probes and attacks against the web server's local environment, in many cases the so-called DMZ, back end resources the web server can communicate with, and other hosts. With the proliferation of intermediaries, such as Web App Firewalls, network devices, and even printers having JVMs and Web servers, there are many locales where an attacker can inject malicious scripts. Since this attack pattern defines scripts within scripts, there are likely privileges to execute said attack on the host. Of course, these attacks are not solely limited to the server side, client side scripts like Ajax and client side JavaScript can contain malicious scripts as well. In general all that is required is for there to be sufficient privileges to execute a script, but not protected against writing.
  • Cross-Site Scripting in Error Pages
    An attacker distributes a link (or possibly some other query structure) with a request to a third party web server that is malformed and also contains a block of exploit code in order to have the exploit become live code in the resulting error page. When the third party web server receives the crafted request and notes the error it then creates an error message that echoes the malformed message, including the exploit. Doing this converts the exploit portion of the message into to valid language elements that are executed by the viewing browser. When a victim executes the query provided by the attacker the infected error message error message is returned including the exploit code which then runs in the victim's browser. XSS can result in execution of code as well as data leakage (e.g. session cookies can be sent to the attacker). This type of attack is especially dangerous since the exploit appears to come from the third party web server, who the victim may trust and hence be more vulnerable to deception.
  • Cross-Site Scripting Using Alternate Syntax
    The attacker uses alternate forms of keywords or commands that result in the same action as the primary form but which may not be caught by filters. For example, many keywords are processed in a case insensitive manner. If the site's web filtering algorithm does not convert all tags into a consistent case before the comparison with forbidden keywords it is possible to bypass filters (e.g., incomplete black lists) by using an alternate case structure. For example, the "script" tag using the alternate forms of "Script" or "ScRiPt" may bypass filters where "script" is the only form tested. Other variants using different syntax representations are also possible as well as using pollution meta-characters or entities that are eventually ignored by the rendering engine. The attack can result in the execution of otherwise prohibited functionality.
  • Cross-Site Scripting Using MIME Type Mismatch
    An attacker creates a file with scripting content but where the specified MIME type of the file is such that scripting is not expected. Some browsers will detect that the specified MIME type of the file does not match the actual type of the content and will automatically switch to using an interpreter for the real content type. If the browser does not invoke script filters before doing this, the attackers' script may run on the target unsanitized. For example, the MIME type text/plain may be used where the actual content is text/javascript or text/html. Since text does not contain scripting instructions, the stated MIME type would indicate that filtering is unnecessary. However, if the target application subsequently determines the file's real type and invokes the appropriate interpreter, scripted content could be invoked. In another example, img tags in HTML content could reference a renderable type file instead of an expected image file. The file extension and MIME type can describe an image file, but the file content can be text/javascript or text/html resulting in script execution. If the browser assumes all references in img tags are images, and therefore do not need to be filtered for scripts, this would bypass content filters. In a cross-site scripting attack, the attacker tricks the victim into accessing a URL that uploads a script file with an incorrectly specified MIME type. If the victim's browser switches to the appropriate interpreter without filtering, the attack will execute as a standard XSS attack, possibly revealing the victim's cookies or executing arbitrary script in their browser.
  • Cross-Site Scripting in Attributes
    The attacker inserts commands to perform cross-site scripting (XSS) actions in HTML attributes. Many filters do not adequately sanitize attributes against the presence of potentially dangerous commands even if they adequately sanitize tags. For example, dangerous expressions could be inserted into a style attribute in an anchor tag, resulting in the execution of malicious code when the resulting page is rendered. If a victim is tricked into viewing the rendered page the attack proceeds like a normal XSS attack, possibly resulting in the loss of sensitive cookies or other malicious activities.
  • Cross-Site Scripting via Encoded URI Schemes
    An attack of this type exploits the ability of most browsers to interpret "data", "javascript" or other URI schemes as client-side executable content placeholders. This attack consists of passing a malicious URI in an anchor tag HREF attribute or any other similar attributes in other HTML tags. Such malicious URI contains, for example, a base64 encoded HTML content with an embedded cross-site scripting payload. The attack is executed when the browser interprets the malicious content i.e., for example, when the victim clicks on the malicious link.
  • Cross-Site Scripting Using Doubled Characters, e.g. %3C%3Cscript
    The attacker bypasses input validation by using doubled characters in order to perform a cross-site scripting attack. Some filters fail to recognize dangerous sequences if they are preceded by repeated characters. For example, by doubling the < before a script command, (<<script or %3C%3script using URI encoding) the filters of some web applications may fail to recognize the presence of a script tag. If the targeted server is vulnerable to this type of bypass, the attacker can create a crafted URL or other trap to cause a victim to view a page on the targeted server where the malicious content is executed, as per a normal XSS attack.
  • Cross-Site Scripting Using Flash
    An attacker injects malicious script to global parameters in a Flash movie via a crafted URL. The malicious script is executed in the context of the Flash movie. As such, this is a form of Cross-Site Scripting (XSS), but the abilities granted to the Flash movie make this attack more flexible.
  • Cross-Site Scripting with Masking through Invalid Characters in Identifiers
    The attacker inserts invalid characters in identifiers to bypass application filtering of input. Filters may not scan beyond invalid characters but during later stages of processing content that follows these invalid characters may still be processed. This allows the attacker to sneak prohibited commands past filters and perform normally prohibited operations. Invalid characters may include null, carriage return, line feed or tab in an identifier. Successful bypassing of the filter can result in a XSS attack, resulting in the disclosure of web cookies or possibly other results.
  • Embedding Scripts in HTTP Query Strings
    A variant of cross-site scripting called "reflected" cross-site scripting, the HTTP Query Strings attack consists of passing a malicious script inside an otherwise valid HTTP request query string. This is of significant concern for sites that rely on dynamic, user-generated content such as bulletin boards, news sites, blogs, and web enabled administration GUIs. The malicious script may steal session data, browse history, probe files, or otherwise execute attacks on the client side. Once the attacker has prepared the malicious HTTP query it is sent to a victim user (perhaps by email, IM, or posted on an online forum), who clicks on a normal looking link that contains a poison query string. This technique can be made more effective through the use of services like http://tinyurl.com/, which makes very small URLs that will redirect to very large, complex ones. The victim will not know what he is really clicking on.
  • Simple Script Injection
    An attacker embeds malicious scripts in content that will be served to web browsers. The goal of the attack is for the target software, the client-side browser, to execute the script with the users' privilege level. An attack of this type exploits a programs' vulnerabilities that are brought on by allowing remote hosts to execute code and scripts. Web browsers, for example, have some simple security controls in place, but if a remote attacker is allowed to execute scripts (through injecting them in to user-generated content like bulletin boards) then these controls may be bypassed. Further, these attacks are very difficult for an end user to detect.
  • AJAX Fingerprinting
    This attack utilizes the frequent client-server roundtrips in Ajax conversation to scan a system. While Ajax does not open up new vulnerabilities per se, it does optimize them from an attacker point of view. In many XSS attacks the attacker must get a "hole in one" and successfully exploit the vulnerability on the victim side the first time, once the client is redirected the attacker has many chances to engage in follow on probes, but there is only one first chance. In a widely used web application this is not a major problem because 1 in a 1,000 is good enough in a widely used application. A common first step for an attacker is to footprint the environment to understand what attacks will work. Since footprinting relies on enumeration, the conversational pattern of rapid, multiple requests and responses that are typical in Ajax applications enable an attacker to look for many vulnerabilities, well-known ports, network locations and so on.
  • Embedding Script (XSS) in HTTP Headers
    An attack of this type exploits web applications that generate web content, such as links in a HTML page, based on unvalidated or improperly validated data submitted by other actors. XSS in HTTP Headers attacks target the HTTP headers which are hidden from most users and may not be validated by web applications.
  • XSS in IMG Tags
    Image tags are an often overlooked, but convenient, means for a Cross Site Scripting attack. The attacker can inject script contents into an image (IMG) tag in order to steal information from a victim's browser and execute malicious scripts.
nessus via4
  • NASL family CGI abuses
    NASL id JENKINS_SECURITY_ADVISORY_2017-02-01.NASL
    description The remote web server hosts a version of Jenkins that is prior to 2.44, or a version of Jenkins LTS prior to 2.32.2, or else a version of Jenkings Opertations Center that is 1.625.x.y prior to 1.625.22.1, 2.7.x.0.y prior to 2.7.22.0.1, or 2.x.y.x prior to 2.32.2.1, or else a version of Jenkins Enterprise that is 1.651.x.y prior to 1.651.22.1, 2.7.x.0.y prior to 2.7.22.0.1, or 2.x.y.z prior to 2.32.2.1. It is, therefore, affected by the following vulnerabilities : - A DOM-based cross-site scripting (XSS) vulnerability exists in jQuery Core due to improper validation of certain tags while being rendered using innerHTML. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in the user's browser session. (CVE-2011-4969) - An integer overflow condition exists in jBCrypt in the key stretching implementation in gensalt, within the crypt_raw() function, which is triggered when the 'log_rounds' parameter is set to the maximum value (31). An unauthenticated, remote attacker can exploit this to cause log_rounds to perform zero rounds, allowing a brute-force attack to more easily determine the password hash. (CVE-2015-0886) - A cross-site request forgery vulnerability (XSRF) exists due to several URLs related to group and role management not requiring POST form submission. An unauthenticated, remote attacker can exploit this to create unused roles, delete unused roles, and set group descriptions. Note that only Jenkins Enterprise is affected by this issue. (CVE-2016-9887) - A flaw exists when sensitive data, such as passwords, is encrypted using AES-128 with electronic codebook mode (ECB). An authenticated, remote attacker can exploit this to disclose information about reused passwords. (CVE-2017-2598) - An unspecified flaw exists that is triggered when handling new items due to insufficient permission checks. An authenticated, remote attacker can exploit this, by using the name of an already existing item, to create a new item that overwrites the existing item or to gain access to related objects. (CVE-2017-2599) - An information disclosure vulnerability exists due to improper permissions being set for accessing node monitor data via the remote API. An authenticated, remote attacker can exploit this to disclose system configuration and runtime information. (CVE-2017-2600) - A stored cross-site scripting (XSS) vulnerability exists due to improper validation of input to names and descriptions fields before returning it to users. An authenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user's browser session. (CVE-2017-2601) - A flaw exists in the Agent-to-Master Security Subsystem because build metadata from the Pipeline suite is not properly blacklisted. An authenticated, remote attacker can exploit this to overwrite metadata files. (CVE-2017-2602) - A flaw exists in the config.xml API when handling user-initiated agent disconnects, which results in User objects being included in the agent API output. An authenticated, remote attacker can exploit this to disclose sensitive information (e.g., user API tokens). (CVE-2017-2603) - A flaw exists when handling permissions for administrative monitors that allows an authenticated, remote attacker to access certain provided actions. (CVE-2017-2604) - A flaw exists in the Re-Key Admin Monitor when re-encrypting secrets with a new key that results in old secrets, including the encryption key, being stored with world-readable permissions. A local attacker can exploit this to disclose sensitive information from the backup files. (CVE-2017-2605) - A flaw exists in the internal API, specifically within the Jenkins::getItems() function, when requesting a list of items via UnprotectedRootAction. An authenticated, remote attacker can exploit this to disclose information regarding otherwise restricted items. (CVE-2017-2606) - A stored cross-site scripting (XSS) vulnerability exists due to improper validation of input passed via serialized console notes before returning it to users in build logs. An authenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user's browser session. (CVE-2017-2607) - A flaw exists in the XStream-based API due to improper validation of user-supplied input before it is deserialized. An authenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary code. (CVE-2017-2608) - A flaw exists in the search box implementation due to the autocompletion feature displaying the names of restricted views. An authenticated, remote attacker can exploit this to disclose sensitive names of views. (CVE-2017-2609) - A stored cross-site scripting (XSS) vulnerability exists due to improper validation of input passed in user names before returning it to users. An authenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user's browser session. (CVE-2017-2610) - A flaw exists due to improper validation of permissions to the /workspaceCleanup and /fingerprintCleanup URLs. An authenticated, remote attacker can exploit this to cause a high load on the master and agents. (CVE-2017-2611) - A flaw exists due to a failure to properly restrict access to JDK download credentials. An authenticated, remote attacker can exploit this to overwrite the credentials, thereby causing builds to fail. (CVE-2017-2612) - A cross-site request forgery (XSRF) vulnerability exists due to a failure by HTTP GET requests to /user to require multiple steps, explicit confirmation, or a unique token when performing certain sensitive actions. An unauthenticated, remote attacker can exploit this, by convincing a user to follow a specially crafted link, to cause the creation of new temporary users. (CVE-2017-2613)
    last seen 2018-09-02
    modified 2018-06-14
    plugin id 97609
    published 2017-03-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97609
    title Jenkins < 2.44 / 2.32.x < 2.32.2, Jenkins Operations Center < 1.625.22.1 / 2.7.22.0.1 / 2.32.2.1, and Jenkins Enterprise < 1.651.22.1 / 2.7.22.0.1 / 2.32.2.1 Multiple Vulnerabilities
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_5CFA9D0C73D74642AF4F28FBED9E9404.NASL
    description Jenkins Security Advisory : Please reference CVE/URL list for details
    last seen 2018-09-01
    modified 2018-08-31
    plugin id 96939
    published 2017-02-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96939
    title FreeBSD : jenkins -- multiple vulnerabilities (5cfa9d0c-73d7-4642-af4f-28fbed9e9404)
refmap via4
bid 95951
confirm
Last major update 15-05-2018 - 17:29
Published 15-05-2018 - 17:29
Last modified 20-06-2018 - 10:34
Back to Top