Lucene search
K

16 matches found

RedHat Linux
RedHat Linux
added 2023/04/12 12:2 p.m.142 views

Critical: Red Hat Security Advisory: OpenShift Container Platform 4.10.56 security update

Red Hat OpenShift Container Platform release 4.10.56 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a...

9.8CVSS7AI score0.99931EPSS
Exploits46References11
RedhatCVE
RedhatCVE
added 2023/03/13 8:42 a.m.50 views

CVE-2023-27898

A flaw was found in Jenkins. Affected versions of Jenkins do not escape the Jenkins version that a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins in the plugin manager. This issue results in a stored Cross-site scripting XSS...

8.8CVSS5.9AI score0.0184EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2023/03/10 9:30 p.m.6 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1602 more potentially affected by CVE-2023-27898 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.37)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2023-27898 Source advisory: OSV:GHSA-J664-QHH4-HPF8...

9.6CVSS7.5AI score0.0184EPSS
Exploits0
Chainguard
Chainguard
added 2023/03/10 9:15 p.m.43 views

CVE-2023-27898 vulnerabilities

Vulnerabilities for packages: jenkins...

9.6CVSS7.4AI score0.0184EPSS
Exploits0
Wolfi
Wolfi
added 2023/03/10 9:15 p.m.41 views

CVE-2023-27898 vulnerabilities

Vulnerabilities for packages: jenkins...

9.6CVSS7.7AI score0.0184EPSS
Exploits0
NVD
NVD
added 2023/03/10 9:15 p.m.21 views

CVE-2023-27898

Jenkins 2.270 through 2.393 both inclusive, LTS 2.277.1 through 2.375.3 both inclusive does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins, resulting in a stored cross-site scripting XSS...

9.6CVSS8.8AI score0.0184EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2023/03/10 9:15 p.m.97 views

CVE-2023-27898

Jenkins 2.270 through 2.393 both inclusive, LTS 2.277.1 through 2.375.3 both inclusive does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins, resulting in a stored cross-site scripting XSS...

9.6CVSS6AI score0.0184EPSS
Exploits0
Circl
Circl
added 2023/03/09 4:59 a.m.8 views

CVE-2023-27898

creationtimestamp| type| source ---|---|--- 2023-03-09 04:59:49+00:00| seen| https://t.me/KomunitiSiber/34 2023-03-09 06:16:33+00:00| published-proof-of-concept| https://t.me/ptswarm/163 2023-03-09 13:39:22+00:00| published-proof-of-concept| https://t.me/cKure/10774 2023-03-10 17:00:11+00:00| see...

9.6CVSS8.9AI score0.0184EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2023/03/09 12:0 a.m.27 views

Jenkins XSS Vulnerability (CVE-2023-27898) - Linux

Jenkins is prone to a cross-site scripting XSS vulnerability in plugin manager. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program...

9.6CVSS9.1AI score0.0184EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2023/03/09 12:0 a.m.26 views

Jenkins XSS Vulnerability (CVE-2023-27898) - Windows

Jenkins is prone to a cross-site scripting XSS vulnerability in plugin manager. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program...

9.6CVSS9.1AI score0.0184EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/03/09 12:0 a.m.72 views

Jenkins LTS < 2.375.4 / Jenkins weekly < 2.394 Multiple Vulnerabilities

According to its its self-reported version number, the version of Jenkins running on the remote web server is Jenkins LTS prior to 2.375.4 or Jenkins weekly prior to 2.394. It is, therefore, affected by multiple vulnerabilities: - Apache Commons FileUpload before 1.5 does not limit the number of...

9.6CVSS7.9AI score0.46836EPSS
Exploits1References10
CVE
CVE
added 2023/03/08 5:14 p.m.560 views

CVE-2023-27898

CVE-2023-27898 affects Jenkins core (versions 2.270–2.393 and LTS 2.277.1–2.375.3) where an error message rendering vendor/plugin incompatibility fails to escape the Jenkins version context. This leads to a stored cross-site scripting (XSS) vulnerability that can be triggered by attackers who can...

9.6CVSS8.4AI score0.0184EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/03/08 5:14 p.m.66 views

CVE-2023-27898

Jenkins 2.270 through 2.393 both inclusive, LTS 2.277.1 through 2.375.3 both inclusive does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins, resulting in a stored cross-site scripting XSS...

8.5AI score0.0184EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/08 5:14 p.m.12 views

CVE-2023-27898

Jenkins 2.270 through 2.393 both inclusive, LTS 2.277.1 through 2.375.3 both inclusive does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins, resulting in a stored cross-site scripting XSS...

8.7AI score0.0184EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2023/03/08 4:30 p.m.101 views

Jenkins Security Alert: New Security Flaws Could Allow Code Execution Attacks

A pair of severe security vulnerabilities have been disclosed in the Jenkins open source automation server that could lead to code execution on targeted systems. The flaws, tracked as CVE-2023-27898 and CVE-2023-27905, impact the Jenkins server and Update Center, and have been collectively...

1.8AI score0.0184EPSS
Exploits0
FreeBSD
FreeBSD
added 2023/03/08 12:0 a.m.120 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Description High SECURITY-3037 / CVE-2023-27898 XSS vulnerability in plugin manager Medium SECURITY-3030 / CVE-2023-24998 upstream issue, CVE-2023-27900 MultipartFormDataParser, CVE-2023-27901 StaplerRequest DoS vulnerability in bundled Apache Commons FileUpload library...

9.6CVSS6.5AI score0.46836EPSS
Exploits1References1
Rows per page
Query Builder