N/A

A race condition during Jenkins 2.81 through 2.94 (inclusive); 2.89.1 startup could result in the wrong order of execution of commands during initialization. This could in rare cases result in failure to initialize the setup wizard on the first startup. This resulted in multiple security-related settings not being set to their usual strict default.

N/A

N/A

CloudBees Jenkins 竞争条件漏洞

CloudBees Jenkins（前称Hudson Labs）是美国CloudBees公司的一套基于Java开发的持续集成工具，它主要用于监控持续的软件版本发布/测试项目和一些定时执行的任务。 CloudBees Jenkins 2.81版本至2.94版本和2.89.1版本中存在竞争条件漏洞。攻击者可利用该漏洞造成命令执行顺序出错，造成有关安全的设置无法默认设置成日常严格的安全状态或可能无法初始化安装向导。

N/A

N/A