Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged

Permalink CVE-2012-0785

created 2 months ago Activity log

Created suggestion 2 months ago

Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS …

Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."

References

[oss-security] 20120119 Re: CVE request: Jenkins mailing-listx_transferredx_refsource_MLIST
https://security-tracker.debian.org/tracker/CVE-2012-0785 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-0785 x_transferredx_refsource_MISC
https://jenkins.io/security/advisory/2012-01-12/ x_transferredx_refsource_CONFIRM
https://www.cloudbees.com/jenkins-security-advisory-2012-01-12 x_transferredx_refsource_CONFIRM

Affected products

Jenkins

==before 1.447

Jenkins LTS

==before 1.424.2

Jenkins Enterprise by CloudBees

==1.400.x before 1.400.0.11
==1.424.x before 1.424.2.1

Matching in nixpkgs

pkgs.jenkins

Extendable open source continuous integration server

nixos-unstable 2.541.1
- nixpkgs-unstable 2.541.1
- nixos-unstable-small 2.541.1
nixos-25.11 2.541.1
- nixos-25.11-small 2.541.1
- nixpkgs-25.11-darwin 2.541.1

pkgs.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-unstable 6.4.2
- nixpkgs-unstable 6.4.2
- nixos-unstable-small 6.4.2
nixos-25.11 6.4.2
- nixos-25.11-small 6.4.2
- nixpkgs-25.11-darwin 6.4.2

pkgs.python312Packages.jenkinsapi

Python API for accessing resources on a Jenkins continuous-integration server

nixos-25.11 0.3.15
- nixos-25.11-small 0.3.15
- nixpkgs-25.11-darwin 0.3.15

pkgs.python313Packages.jenkinsapi

Python API for accessing resources on a Jenkins continuous-integration server

nixos-unstable 0.3.15
- nixpkgs-unstable 0.3.15
- nixos-unstable-small 0.3.15
nixos-25.11 0.3.15
- nixos-25.11-small 0.3.15
- nixpkgs-25.11-darwin 0.3.15

pkgs.python314Packages.jenkinsapi

Python API for accessing resources on a Jenkins continuous-integration server

nixos-unstable 0.3.15
- nixpkgs-unstable 0.3.15
- nixos-unstable-small 0.3.15

pkgs.python312Packages.python-jenkins

Python bindings for the remote Jenkins API

nixos-25.11 1.8.3
- nixos-25.11-small 1.8.3
- nixpkgs-25.11-darwin 1.8.3

pkgs.python313Packages.python-jenkins

Python bindings for the remote Jenkins API

nixos-unstable 1.8.3
- nixpkgs-unstable 1.8.3
- nixos-unstable-small 1.8.3
nixos-25.11 1.8.3
- nixos-25.11-small 1.8.3
- nixpkgs-25.11-darwin 1.8.3

pkgs.python314Packages.python-jenkins

Python bindings for the remote Jenkins API

nixos-unstable 1.8.3
- nixpkgs-unstable 1.8.3
- nixos-unstable-small 1.8.3

pkgs.python312Packages.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-25.11 6.4.2
- nixos-25.11-small 6.4.2
- nixpkgs-25.11-darwin 6.4.2

pkgs.python313Packages.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-unstable 6.4.2
- nixpkgs-unstable 6.4.2
- nixos-unstable-small 6.4.2
nixos-25.11 6.4.2
- nixos-25.11-small 6.4.2
- nixpkgs-25.11-darwin 6.4.2

pkgs.python314Packages.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-unstable 6.4.2
- nixpkgs-unstable 6.4.2
- nixos-unstable-small 6.4.2

Package maintainers

@coreyoconnor Corey O'Connor <coreyoconnor@gmail.com>
@NeQuissimus Tim Steinbach <tim@nequissimus.com>
@earldouglas James Earl Douglas <james@earldouglas.com>
@Bot-wxt1221 Bot-wxt1221 <3264117476@qq.com>
@drets Dmytro Rets <dmitryrets@gmail.com>
@de11n Elliot Cameron <nixpkgs-commits@deshaw.com>
@invokes-su Souvik Sen <nixpkgs-commits@deshaw.com>
@gador Florian Brandes <florian.brandes@posteo.de>
@despsyched Priyanshu Tripathi <priyanshu.tripathi@deshaw.com>