1
Candidate: CVE-2015-5320
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5320
5
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
7
Jenkins before 1.638 and LTS before 1.625.2 do not properly verify the
8
shared secret used in JNLP slave connections, which allows remote attackers
9
to connect as slaves and obtain sensitive information or possibly gain
10
administrative access by leveraging knowledge of the name of a slave.
19
upstream_jenkins:released (1.638, 1.625.2)
20
precise_jenkins: ignored (reached end-of-life)
21
precise/esm_jenkins: DNE (precise was needed)
24
vivid/stable-phone-overlay_jenkins: DNE
25
vivid/ubuntu-core_jenkins: DNE