3 matches found
CVE-2022-43412
Jenkins Generic Webhook Trigger Plugin 1.84.1 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...
CVE-2022-43412
CVE-2022-43412 affects Jenkins Generic Webhook Trigger Plugin (versions 1.84.1 and earlier). The vulnerability stems from a non-constant time comparison when validating the provided webhook token against the expected token, which could enable attackers to infer a valid token via statistical metho...
CVE-2022-43412
Jenkins Generic Webhook Trigger Plugin 1.84.1 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...