Jenkins allows Unauthorized Viewing of Queue API Information

GHSA-5xmf-9vgr-53mj · CVE-2015-5324

Published May 13, 2022 · Modified Mar 13, 2025

Description

Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to queue/api.

Ready to move

Free, no credit card | First findings in minutes