9 matches found
Important: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
CVE-2023-27901
A flaw was found in Jenkins. Affected versions of Jenkins use the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in org.kohsuke.stapler.RequestImpl, allowing attackers to trigger a denial of service...
CVE-2023-27901
creationtimestamp| type| source
---|---|---
2023-03-11 00:27:28+00:00| seen| https://t.me/cibsecurity/59851
2025-02-28 19:27:10+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5963
2025-03-02 11:45:39+00:00| seen| Telegram/HCo7oBc9MuABAZ3fcQP6FO0F8XbROF3F21Hr1OX3zJVvqUa...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1602 more potentially affected by CVE-2023-27901 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.37)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2023-27901 Source advisory: OSV:GHSA-H76P-MC68-JV3P...
CVE-2023-27901
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in org.kohsuke.stapler.RequestImpl, allowing attackers to trigger a denial of service...
Jenkins < 2.375.4 (LTS), < 2.394 Multiple Vulnerabilities - Windows
Jenkins is prone to multiple vulnerabilities. Copyright (C) 2023 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...
CVE-2023-27901
CVE-2023-27901 affects Jenkins 2.393 and earlier (LTS 2.375.3 and earlier). The issue is due to Apache Commons FileUpload being used without limits on the number of request parts, in the context of org.kohsuke.stapler.RequestImpl, enabling a denial-of-service condition. The Connected documents al...
CVE-2023-27901
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in org.kohsuke.stapler.RequestImpl, allowing attackers to trigger a denial of service...
jenkins -- multiple vulnerabilities
Jenkins Security Advisory: Description
High: SECURITY-3037 / CVE-2023-27898 XSS vulnerability in plugin manager
Medium: SECURITY-3030 / CVE-2023-24998 upstream issue, CVE-2023-27900 MultipartFormDataParser, CVE-2023-27901 StaplerRequest DoS vulnerability in bundled Apache Commons FileUpload library...