[JENKINS-17782] Internal stack traces exposed to users

Type: Bug
Resolution: Fixed
Priority: Major
Component/s: core
Labels:
- security

Similar Issues:
Powered by SuggestiMate

Show

If you trigger an uncaught error in Stapler, such as browsing /static/ prior to stapler 552aaab, the stack trace is displayed in the web browser. This is usually harmless but there could in principle be stack traces which expose internal details of value to an attacker. These should be suppressed.

relates to

JENKINS-60410 Suppress stack traces in core

Resolved

Jesse Glick created issue - 2013-04-29 20:56

Jesse Glick made changes - 2013-04-29 21:49

Status

Original: Open [ 1 ]

New: In Progress [ 3 ]

Kohsuke Kawaguchi made changes - 2013-04-30 00:15

Assignee	Original: Jesse Glick [ jglick ]	New: Kohsuke Kawaguchi [ kohsuke ]
Resolution		New: Fixed [ 1 ]
Status	Original: In Progress [ 3 ]	New: Resolved [ 5 ]

R. Tyler Croy made changes - 2016-07-25 23:55

Workflow

Original: JNJira [ 148962 ]

New: JNJira + In-Review [ 192962 ]

Jesse Glick made changes - 2020-06-11 17:22

Link

New: This issue relates to ~~JENKINS-60410~~ [ ~~JENKINS-60410~~ ]

Assignee:: Kohsuke Kawaguchi

Reporter:: Jesse Glick

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2013-04-29 20:56

Updated:: 2020-06-11 17:22

Resolved:: 2013-04-30 00:15

Jenkins

Details

Description

Attachments

Issue Links

Activity

People

Dates