CVE-2014-3666

high

Published 2014-10-16 · Modified 2025-03-13

CVSS v3

—

CVSS v2

7.5

VIR risk

7.5

Description

Jenkins allows for Code Execution via Crafted Packet to the CLI

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

vendor Authored 2026-05-27

Vendor advisory: secalert@redhat.com — https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01

Ecosystem	Package	Vulnerable	Fixed
Maven	org.jenkins-ci.main:jenkins-core	`>=1.566,<1.583`	`1.583`
Maven	org.jenkins-ci.main:jenkins-core	`<1.565.3`	`1.565.3`

Vendor	Product	Versions	Fixed
redhat	openshift	`{"endIncluding":"3.1"}`
jenkins	jenkins	`{"endIncluding":"1.582"}`

CWE-94

Verify integrity in audit chain (admin only). AS-IS.