| Max CVSS | 7.5 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-1000353 | 7.5 |
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java `SignedObject` obje
|
13-06-2022 - 19:09 | 29-01-2018 - 17:29 | |
| CVE-2017-1000354 | 6.5 |
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to a login command which allowed impersonating any Jenkins user. The `login` command available in the remoting-based CLI stored the encrypted user name of the successf
|
15-02-2018 - 18:25 | 29-01-2018 - 17:29 | |
| CVE-2017-1000356 | 6.8 |
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an issue in the Jenkins user database authentication realm: create an account if signup is enabled; or create an account if the victim is an administrator, possibly
|
15-02-2018 - 13:15 | 29-01-2018 - 17:29 | |
| CVE-2017-1000355 | 4.0 |
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an XStream: Java crash when trying to instantiate void/Void.
|
15-02-2018 - 13:14 | 29-01-2018 - 17:29 |