Lucene search
+L

4 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.70 views

RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0777)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0777 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.8CVSS7.6AI score0.99999EPSS
Exploits63References66
RedhatCVE
RedhatCVE
added 2023/07/17 5:11 p.m.52 views

CVE-2023-37946

A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to bypass security restrictions caused by not invalidating the existing session on login. By persuading a victim to visit a specially crafted Web site, an attacker can gain...

8.8CVSS6.9AI score0.00833EPSS
Exploits0References4
NVD
NVD
added 2023/07/12 4:15 p.m.34 views

CVE-2023-37946

Jenkins OpenShift Login Plugin 1.1.0.227.v27e08dfb1a20 and earlier does not invalidate the previous session on login...

8.8CVSS0.00833EPSS
Exploits0References2
CVE
CVE
added 2023/07/12 3:52 p.m.204 views

CVE-2023-37946

CVE-2023-37946 concerns the Jenkins OpenShift Login Plugin (versions up to 1.1.0.227.v27e08dfb_1a_20 and earlier) where login does not invalidate the previous session, enabling session fixation. The CVSSv3.1 base score is 8.8 (HIGH) with NETWORK attack vector, user interaction required. Red Hat a...

8.8CVSS8.6AI score0.00833EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder