Lucene search
Alpine Linux Development TeamALPINE:CVE-2023-41944HistorySep 06, 2023 - 1:15 p.m.
CVE-2023-41944
2023-09-0613:15:11
Alpine Linux Development Team
security.alpinelinux.org
7
jenkins
aws
codecommit
trigger plugin
html injection
vulnerability
form validation
unix
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.0005 Low
EPSS
Percentile
17.1%
Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not escape the queue name parameter passed to a form validation URL, when rendering an error message, resulting in an HTML injection vulnerability.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | 3.18-community | noarch | jenkins | = 2.387.3-r0 | UNKNOWN |
| Alpine | 3.19-community | noarch | jenkins | = 2.440.3-r0 | UNKNOWN |
| Alpine | 3.20-community | noarch | jenkins | = 2.440.2-r0 | UNKNOWN |
| Alpine | edge-community | noarch | jenkins | = 2.452.2-r0 | UNKNOWN |
Related
nvd
nvd
CVE-2023-41944
2023-09-06 13:15:11
cve
cve
CVE-2023-41944
2023-09-06 13:15:11
prion
prion
Design/Logic Flaw
2023-09-06 13:15:00
osv
osv
HTML injection vulnerability in Jenkins AWS CodeCommit Trigger Plugin
2023-09-06 15:30:26
github
github
HTML injection vulnerability in Jenkins AWS CodeCommit Trigger Plugin
2023-09-06 15:30:26
cvelist
cvelist
CVE-2023-41944
2023-09-06 12:09:01
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2023-09-06)
2023-09-07 00:00:00
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.0005 Low
EPSS
Percentile
17.1%
Related for ALPINE:CVE-2023-41944