Lucene search
PRIOn knowledge basePRION:CVE-2024-23901HistoryJan 24, 2024 - 6:15 p.m.
Information disclosure
2024-01-2418:15:00
PRIOn knowledge base
www.prio-n.com
8
jenkins
gitlab
branch source plugin
vulnerability
information disclosure
attacker
configuration
pipeline
scan
nvd
Jenkins GitLab Branch Source Plugin 684.vea_fa_7c1e2fe3 and earlier unconditionally discovers projects that are shared with the configured owner group, allowing attackers to configure and share a project, resulting in a crafted Pipeline being built by Jenkins during the next scan of the group.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github_branch_source | eq | <= 684.veafa7c1e2fe3 |
Related
cvelist
cvelist
CVE-2024-23901
2024-01-24 17:52:25
github
github
cve
cve
CVE-2024-23901
2024-01-24 18:15:09
osv
osv
nvd
nvd
CVE-2024-23901
2024-01-24 18:15:09
alpinelinux
alpinelinux
CVE-2024-23901
2024-01-24 18:15:09
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2024-01-24)
2024-01-24 00:00:00
redos
redos
ROS-20240411-08
2024-04-11 00:00:00