Lucene search
+L

6 matches found

osv
osv
added 2023/10/25 6:32 p.m.16 views

GHSA-8859-V9JP-CPHF Jenkins Multibranch Scan Webhook Trigger Plugin uses non-constant time webhook token comparison

Jenkins Multibranch Scan Webhook Trigger Plugin 1.0.9 and earlier does not use a constant-time comparison when checking whether the provided and expected webhook token are equal. This could potentially allow attackers to use statistical methods to obtain a valid webhook token. As of publication o...

3.7CVSS5.5AI score0.00557EPSS
Exploits0References4
cve
cve
added 2023/10/25 1:45 p.m.70 views

CVE-2023-46656

CVE-2023-46656 affects Jenkins Multibranch Scan Webhook Trigger Plugin versions 1.0.9 and earlier. The root cause is a non-constant time comparison when verifying the webhook token, which can enable attackers to use statistical methods to determine a valid token. Public references (including Red ...

5.3CVSS5.1AI score0.00557EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2023/10/25 1:45 p.m.12 views

CVE-2023-46656

Jenkins Multibranch Scan Webhook Trigger Plugin 1.0.9 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

6.9AI score0.00557EPSS
Exploits0References2
cvelist
cvelist
added 2023/10/25 1:45 p.m.35 views

CVE-2023-46656

Jenkins Multibranch Scan Webhook Trigger Plugin 1.0.9 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

5.9AI score0.00557EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2023/10/25 12:0 a.m.5 views

PT-2023-6546 · Jenkins · Jenkins Multibranch Scan Webhook Trigger Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Multibranch Scan Webhook Trigger Plugin versions 1.0.9 and earlier Description: The issue is related to information disclosure. It potentially allows a remote attacker to gain unauthorized access to protected information. The problem...

5.3CVSS5.1AI score0.00557EPSS
Exploits0References9
cnnvd
cnnvd
added 2023/10/25 12:0 a.m.5 views

Jenkins Plugin Multibranch Scan Webhook Trigger Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins Plugin is a software application. A security vulnerability...

5.3CVSS6.6AI score0.00557EPSS
Exploits0References3
Rows per page
Query Builder