CVE-2023-24423

2023-01-2621:18:16

Google

osv.dev

0.0005 Low

EPSS

Percentile

16.6%

JSON

A cross-site request forgery (CSRF) vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit.

CPENameOperatorVersion
gerrit-trigger-plugineqgerrit-trigger-2.12.0-beta-3
gerrit-trigger-plugineqgerrit-trigger-2.21.1
gerrit-trigger-plugineqgerrit-trigger-2.13.0-beta-5r2
gerrit-trigger-plugineqgerrit-trigger-2.17.2
gerrit-trigger-plugineqgerrit-trigger-2.5.1
gerrit-trigger-plugineqgerrit-trigger-parent-1_3
gerrit-trigger-plugineqgerrit-trigger-2.12.0-beta-5
gerrit-trigger-plugineqgerrit-trigger-2.11.0-beta-2
gerrit-trigger-plugineqgerrit-trigger-2.27.0
gerrit-trigger-plugineqgerrit-trigger-2.3.1

Name	Operator	Version
gerrit-trigger-plugin	eq	gerrit-trigger-2.12.0-beta-3
gerrit-trigger-plugin	eq	gerrit-trigger-2.21.1
gerrit-trigger-plugin	eq	gerrit-trigger-2.13.0-beta-5r2
gerrit-trigger-plugin	eq	gerrit-trigger-2.17.2
gerrit-trigger-plugin	eq	gerrit-trigger-2.5.1
gerrit-trigger-plugin	eq	gerrit-trigger-parent-1_3
gerrit-trigger-plugin	eq	gerrit-trigger-2.12.0-beta-5
gerrit-trigger-plugin	eq	gerrit-trigger-2.11.0-beta-2
gerrit-trigger-plugin	eq	gerrit-trigger-2.27.0
gerrit-trigger-plugin	eq	gerrit-trigger-2.3.1

Rows per page:

1-10 of 1031

References

www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2137

0.0005 Low

EPSS

Percentile

16.6%

JSON

Related for OSV:CVE-2023-24423