New subject: [Bug 1810460] CVE-2012-0785 jenkins: hash collision allow remote attackers to cause a considerable CPU load resulting in Hash DoS

5 Mar 2020


      https://bugzilla.redhat.com/show_bug.cgi?id=1810460
Bug ID: 1810460
           Summary: CVE-2012-0785 jenkins: hash collision allow remote
                    attackers to cause a considerable CPU load resulting
                    in Hash DoS
           Product: Security Response
          Hardware: All
                OS: Linux
            Status: NEW
         Component: vulnerability
          Keywords: Security
          Severity: low
          Priority: low
          Assignee: security-response-team@redhat.com
          Reporter: mkaplan@redhat.com
                CC: extras-orphan@fedoraproject.org,
                    java-sig-commits@lists.fedoraproject.org,
                    mizdebsk@redhat.com, msrb@redhat.com
  Target Milestone: ---
    Classification: Other
Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before
1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and
1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable
CPU load, aka "the Hash DoS attack."
Upstream advisory:
https://jenkins.io/security/advisory/2012-01-12/
-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug 1810460] New: CVE-2012-0785 jenkins: hash collision allow remote attackers to cause a considerable CPU load resulting in Hash DoS