mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-05-28 17:21:57 +00:00
77 lines
2.5 KiB
JSON
77 lines
2.5 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "secalert@redhat.com",
|
|
"ID": "CVE-2016-3727",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "The API URL computer/(master)/api/xml in Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users with extended read permission for the master node to obtain sensitive information about the global configuration via unspecified vectors."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "https://www.cloudbees.com/jenkins-security-advisory-2016-05-11",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://www.cloudbees.com/jenkins-security-advisory-2016-05-11"
|
|
},
|
|
{
|
|
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11"
|
|
},
|
|
{
|
|
"name": "RHSA-2016:1206",
|
|
"refsource": "REDHAT",
|
|
"url": "https://access.redhat.com/errata/RHSA-2016:1206"
|
|
},
|
|
{
|
|
"name": "RHSA-2016:1773",
|
|
"refsource": "REDHAT",
|
|
"url": "http://rhn.redhat.com/errata/RHSA-2016-1773.html"
|
|
}
|
|
]
|
|
}
|
|
} |