Unspecified vulnerability in Jenkins prior to 1.498, Jenkins LTS prior to 1.480.2, and Jenkins Enterprise 1.447.x prior to 1.447.6.1 and 1.466.x prior to 1.466.12.1, when a slave is attached and anonymous read access is enabled, allows remote malicious users to obtain the master cryptographic key via unknown vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jenkins jenkins 1.404 |
||
jenkins jenkins 1.402 |
||
jenkins jenkins 1.403 |
||
jenkins jenkins 1.431 |
||
jenkins jenkins 1.418 |
||
jenkins jenkins 1.421 |
||
jenkins jenkins 1.420 |
||
jenkins jenkins 1.414 |
||
jenkins jenkins 1.415 |
||
jenkins jenkins 1.437 |
||
jenkins jenkins 1.434 |
||
jenkins jenkins 1.435 |
||
cloudbees jenkins |
||
jenkins jenkins 1.401 |
||
jenkins jenkins 1.430 |
||
jenkins jenkins 1.432 |
||
jenkins jenkins 1.425 |
||
jenkins jenkins 1.419 |
||
jenkins jenkins 1.417 |
||
jenkins jenkins 1.411 |
||
jenkins jenkins 1.408 |
||
jenkins jenkins 1.405 |
||
jenkins jenkins 1.426 |
||
jenkins jenkins 1.429 |
||
jenkins jenkins 1.428 |
||
jenkins jenkins 1.423 |
||
jenkins jenkins 1.412 |
||
jenkins jenkins 1.413 |
||
jenkins jenkins 1.406 |
||
jenkins jenkins 1.407 |
||
jenkins jenkins 1.400 |
||
jenkins jenkins 1.433 |
||
jenkins jenkins 1.427 |
||
jenkins jenkins 1.422 |
||
jenkins jenkins 1.424 |
||
jenkins jenkins 1.416 |
||
jenkins jenkins 1.410 |
||
jenkins jenkins 1.409 |
||
jenkins jenkins 1.436 |
||
cloudbees jenkins 1.466.1.2 |
||
cloudbees jenkins 1.466.2.1 |
||
jenkins jenkins 1.424.3 |
||
jenkins jenkins 1.424.2 |
||
jenkins jenkins 1.424.1 |
||
cloudbees jenkins 1.447 |
||
jenkins jenkins 1.424.6 |
||
jenkins jenkins 1.424.4 |
||
cloudbees jenkins 1.424 |
||
jenkins jenkins 1.409.3 |
||
jenkins jenkins 1.409.1 |
||
jenkins jenkins 1.409.2 |
||
jenkins jenkins |
||
jenkins jenkins 1.466.1 |
||
jenkins jenkins 1.447.2 |
||
jenkins jenkins 1.447.1 |
||
jenkins jenkins 1.424.5 |
||
cloudbees jenkins 1.400 |
||
cloudbees jenkins 1.447.1.1 |
||
cloudbees jenkins 1.447.2.2 |
||
cloudbees jenkins 1.447.3.1 |
On Feb 12th 2013, FireEye announced the discovery of an Adobe Reader 0-day exploit which is used to drop a previously unknown, advanced piece of malware. We called this new malware “ItaDuke” because it reminded us of Duqu and because of the ancient Italian comments in the shellcode copied from Dante Alighieri’s “Divine Comedy”. Previously, we posted about another campaign hitting Governments and other institutions, named Miniduke, which was also using the same “Divine Comedy” PDF e...