vulnerability

Jenkins Advisory 2024-11-27: CVE-2024-47855: Denial of service vulnerability in bundled json-lib

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	Oct 4, 2024	Nov 28, 2024	Feb 18, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Oct 4, 2024

Added

Nov 28, 2024

Modified

Feb 18, 2025

Description

util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string.

jenkins-lts-upgrade-2_479_2jenkins-upgrade-2_487

NEW

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.