CVE-2016-0789 · CVEKit

cve.orgen

234 chars

CRLF injection vulnerability in the CLI command documentation in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

NVDen

234 chars

CRLF injection vulnerability in the CLI command documentation in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

OSV.deven

234 chars

CRLF injection vulnerability in the CLI command documentation in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

GHSAen

234 chars

CRLF injection vulnerability in the CLI command documentation in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

NVDes

315 chars

Vulnerabilidad de inyección CRLF en la documentación de comando de la CLI en Jenkins en versiones anteriores a 1.650 y LTS en versiones anteriores a 1.642.2 permite a atacantes remotos inyectar cabeceras HTTP arbitrarias y llevar a cabo ataques de separación de respuesta HTTP a través de vectores no especificados.

CVSS metrics across sources

3

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N
3.0	Primary	NVD	6.1	2.8	2.7	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N