4 matches found
CVE-2024-23905
Jenkins Red Hat Dependency Analytics Plugin 0.7.1 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download...
CVE-2024-23905
Jenkins Red Hat Dependency Analytics Plugin 0.7.1 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download...
CVE-2024-23905
Jenkins Red Hat Dependency Analytics Plugin 0.7.1 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download...
CVE-2024-23905
CVE-2024-23905 — mode: normal Affected software: Jenkins Red Hat Dependency Analytics Plugin, version 0.7.1 and earlier. Root cause (as described): the plugin programmatically disables the Content-Security-Policy (CSP) header for user-generated content in workspaces, archived artifacts, and simil...