Lucene search

CVE-2023-24449

🗓️ 24 Jan 2023 00:00:00Reported by jenkinsType

Jenkins PWauth Security Realm Plugin 0.4 and earlier allows file name restriction bypas

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
OSV	Path traversal vulnerability in Jenkins PWauth Security Realm Plugin	26 Jan 202321:30	–	osv
OSV	CVE-2023-24449	26 Jan 202321:18	–	osv
Vulnrichment	CVE-2023-24449	24 Jan 202300:00	–	vulnrichment
CVE	CVE-2023-24449	26 Jan 202321:18	–	cve
Github Security Blog	Path traversal vulnerability in Jenkins PWauth Security Realm Plugin	26 Jan 202321:30	–	github
Prion	Design/Logic Flaw	26 Jan 202321:18	–	prion
NVD	CVE-2023-24449	26 Jan 202321:18	–	nvd
Tenable Nessus	Jenkins plugins Multiple Vulnerabilities (2023-01-24)	27 Feb 202300:00	–	nessus
Tenable Nessus	Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.7 Multiple Vulnerabilities (CloudBees Security Advisory 2023-01-24)	24 Jan 202300:00	–	nessus

[
  {
    "product": "Jenkins PWauth Security Realm Plugin",
    "vendor": "Jenkins Project",
    "versions": [
      {
        "lessThanOrEqual": "0.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "unknown",
        "version": "next of 0.4",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
jenkins	www.jenkins.io/security/advisory/2023-01-24/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 Jan 2023 00:00Current

4.8Medium risk

Vulners AI Score4.8

EPSS0.00758