Lucene search
JenkinsCVELIST:CVE-2023-40341HistoryAug 16, 2023 - 2:32 p.m.
CVE-2023-40341
2023-08-1614:32:52
jenkins
www.cve.org
3
cve-2023-40341
cross-site request forgery
jenkins blue ocean plugin
github credentials
EPSS
0.001
Percentile
30.2%
A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.27.5 and earlier allows attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job.
CNA Affected
[
{
"defaultStatus": "affected",
"product": "Jenkins Blue Ocean Plugin",
"vendor": "Jenkins Project",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1.27.5.1",
"versionType": "maven"
},
{
"status": "unaffected",
"version": "1.27.4.1"
}
]
}
]Related
osv
osv
CVE-2023-40341
2023-08-16 15:15:11
Jenkins Blue Ocean Plugin cross-site request forgery vulnerability
2023-08-16 15:30:18
veracode
veracode
Cross-site Request Forgery
2023-08-21 04:49:15
cve
cve
CVE-2023-40341
2023-08-16 15:15:11
redhatcve
redhatcve
CVE-2023-40341
2023-08-17 06:48:52
github
github
Jenkins Blue Ocean Plugin cross-site request forgery vulnerability
2023-08-16 15:30:18
prion
prion
Cross site request forgery (csrf)
2023-08-16 15:15:00
nvd
nvd
CVE-2023-40341
2023-08-16 15:15:11
redhat
redhat
(RHSA-2024:0777) Important: jenkins and jenkins-2-plugins security update
2024-02-12 10:20:42
(RHSA-2024:0778) Important: Jenkins and Jenkins-2-plugins security update
2024-02-12 10:30:15
nessus
nessus
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0777)
2024-04-28 00:00:00
Jenkins plugins Multiple Vulnerabilities (2023-08-16)
2023-08-21 00:00:00
RHEL 8 : Jenkins and Jenkins-2-plugins (RHSA-2024:0778)
2024-04-29 00:00:00