CVE Vulnerabilities

CVE-2016-3721

Published: May 17, 2016 | Modified: Jan 05, 2018
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Jenkins before 2.3 and LTS before 1.651.2 might allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables.

Affected Software

Name Vendor Start Version End Version
Openshift Redhat 3.1 3.1
Openshift Redhat 3.2 3.2

References