CVE-2020-2100

Description

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.

Affected packages (2)

• Bitnami/jenkinsfrom 0, < 2.218.1
• Maven/org.jenkins-ci.main:jenkins-corefrom 0, < 2.204.2

CVSS scores

References (9)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2020-2100
• PATCHhttps://github.com/jenkinsci/jenkins
• WEBhttps://access.redhat.com/errata/RHBA-2020:0402
• WEBhttps://access.redhat.com/errata/RHBA-2020:0675
• WEBhttps://access.redhat.com/errata/RHSA-2020:0681
• WEBhttps://access.redhat.com/errata/RHSA-2020:0683
• WEBhttps://github.com/jenkinsci/jenkins/commit/cd28a6d9347228b03da0e45653e23032342c2a36
• WEBhttps://jenkins.io/security/advisory/2020-01-29/#SECURITY-1641
• WEBhttp://www.openwall.com/lists/oss-security/2020/01/29/1