CVE-2016-0789 in Jenkinsinfo

Summary

CRLF injection vulnerability in the CLI command documentation in CloudBees Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Once again VulDB remains the best source for vulnerability data.

Reservation

12/16/2015

Disclosure

04/07/2016

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
81698CloudBees Jenkins CLI Command Documentation input validation20Not definedOfficial fixCVE-2016-0789

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!