CRLF injection vulnerability in Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.447.x before 1.447.4.1, and 1.466.x before 1.466.10.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-06T21:21:28.396Z
Reserved: 2012-12-06T00:00:00
Link: CVE-2012-6072

No data.

Status : Deferred
Published: 2013-02-24T22:55:01.097
Modified: 2025-04-11T00:51:21.963
Link: CVE-2012-6072


No data.