Lucene search
K

8 matches found

RedHat Linux
RedHat Linux
added 2023/05/24 5:13 p.m.73 views

Important: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update

An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS7.1AI score0.99931EPSS
Exploits52References18
RedhatCVE
RedhatCVE
added 2023/03/13 8:43 a.m.51 views

CVE-2023-27900

A flaw was found in Jenkins. Affected versions of Jenkins use the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in hudson.util.MultipartFormDataParser, allowing attackers to trigger a denial of service...

7.5CVSS7.4AI score0.46836EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2023/03/10 9:30 p.m.4 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1602 more potentially affected by CVE-2023-27900 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.37)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2023-27900 Source advisory: OSV:GHSA-FRGR-C5F2-8QHH...

7.5CVSS7.1AI score0.0098EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2023/03/10 9:15 p.m.92 views

CVE-2023-27900

Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in hudson.util.MultipartFormDataParser, allowing attackers to trigger a denial of service...

7.5CVSS7.6AI score0.46836EPSS
Exploits1
OpenVAS
OpenVAS
added 2023/03/09 12:0 a.m.32 views

Jenkins < 2.375.4 (LTS), < 2.394 Multiple Vulnerabilities - Windows

Jenkins is prone to multiple vulnerabilities. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7AI score0.46836EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/03/08 5:14 p.m.17 views

CVE-2023-27900

Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in hudson.util.MultipartFormDataParser, allowing attackers to trigger a denial of service...

7.6AI score0.0098EPSS
Exploits0References1
CVE
CVE
added 2023/03/08 5:14 p.m.189 views

CVE-2023-27900

CVE-2023-27900 affects Jenkins 2.393 and earlier (including LTS 2.375.3 and earlier). The issue arises in hudson.util.MultipartFormDataParser where Apache Commons FileUpload is used without limiting the number of request parts (introduced by CVE-2023-24998), enabling a potential denial of service...

7.5CVSS7.5AI score0.0098EPSS
Exploits0References1Affected Software1
FreeBSD
FreeBSD
added 2023/03/08 12:0 a.m.120 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Description High SECURITY-3037 / CVE-2023-27898 XSS vulnerability in plugin manager Medium SECURITY-3030 / CVE-2023-24998 upstream issue, CVE-2023-27900 MultipartFormDataParser, CVE-2023-27901 StaplerRequest DoS vulnerability in bundled Apache Commons FileUpload library...

9.6CVSS6.5AI score0.46836EPSS
Exploits1References1
Rows per page
Query Builder