cvedb.io
CVE-2018-1000067
MEDIUM · CVSS 5.3
EPSS exploitation probability: 0%
Published 2018-02-16T00:29:01.213 · Last modified 2026-06-17T01:32:20.847

Summary

An improper authorization vulnerability exists in Jenkins versions 2.106 and earlier, and LTS 2.89.3 and earlier, that allows an attacker to have Jenkins submit HTTP GET requests and get limited information about the response.

Affected products

jenkins — jenkins

Does this affect you?

Add your gear to cvedb and we'll alert you only when jenkins ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.