CRLF injection vulnerability in Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.447.x before 1.447.4.1, and 1.466.x before 1.466.10.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
                
            References
                    Configurations
                    Configuration 1 (hide)
| 
 | 
Configuration 2 (hide)
| 
 | 
Configuration 3 (hide)
| 
 | 
Configuration 4 (hide)
| 
 | 
Configuration 5 (hide)
| 
 | 
History
                    No history.
Information
                Published : 2013-02-24 22:55
Updated : 2025-04-11 00:51
NVD link : CVE-2012-6072
Mitre link : CVE-2012-6072
CVE.ORG link : CVE-2012-6072
JSON object : View
Products Affected
                cloudbees
- jenkins
jenkins
- jenkins
CWE
                
                    
                        
                        CWE-20
                        
            Improper Input Validation
