CVE-2018-1999044
MEDIUM6.5EPSS 0.14%Infinite Loop in Jenkins Core
Published: 5/13/2022Modified: 2/16/2024
Description
A Cron expression form validation could enter infinite loop, potentially resulting in denial of service. The form validation for cron expressions (e.g. "Poll SCM", "Build periodically") could enter infinite loops when cron expressions only matching certain rare dates were entered, blocking request handling threads indefinitely.
Affected packages (1)
- Maven/org.jenkins-ci.main:jenkins-corefrom 0, < 2.138
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.5 | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |