CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

RedhatCVE•added 2026/01/09 12:30 p.m.•7 views

CVE-2023-40343

Jenkins Tuleap Authentication Plugin 1.1.20 and earlier uses a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token...

5.9CVSS6.9AI score0.00494EPSS

Exploits0References1

Circl•added 2023/08/16 6:52 p.m.•1 views

CVE-2023-40343

creationtimestamp| type| source ---|---|--- 2023-08-16 18:52:44+00:00| seen| https://t.me/cibsecurity/68667...

5.9CVSS5.8AI score0.00494EPSS

Exploits0References1

NVD•added 2023/08/16 3:15 p.m.•14 views

CVE-2023-40343

5.9CVSS5.8AI score0.00494EPSS

Exploits0References2

CVE•added 2023/08/16 2:32 p.m.•2697 views

CVE-2023-40343

CVE-2023-40343 affects Jenkins Tuleap Authentication Plugin (versions 1.1.20 and earlier). The root cause is a non-constant-time comparison function when validating authentication tokens, which could allow attackers to apply statistical methods to obtain a valid token. The issue is mitigated by u...

5.9CVSS5.7AI score0.00494EPSS

Exploits0References2Affected Software1