QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2020-2102

Back to search

CVE-2020-2102

Published: Jan 29, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.

VendorProductVersions

Jenkins project

Jenkins

affected
unspecified - <= 2.218
affected
unspecified - <= LTS 2.204.1

References

RHSA-2020:0681
vendor-advisory
x_refsource_REDHAT
RHSA-2020:0683
vendor-advisory
x_refsource_REDHAT
RHBA-2020:0402
vendor-advisory
x_refsource_REDHAT
RHBA-2020:0675
vendor-advisory
x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now