5 matches found
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0777)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0777 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
com.amadeus.jenkins.plugins:workflow-cps-global-lib-http (>=2.33.0 <=2.54.0), com.compuware.jenkins:compuware-scm-downloader (>=1.6 <=2.0.5) +105 more potentially affected by CVE-2023-40336 via org.jenkins-ci.plugins:cloudbees-folder (>=4.0 <=6.815.v0dd5a_cb_40e0e)
org.jenkins-ci.plugins:cloudbees-folder MAVEN version =4.0, =2.33.0, =1.6, =1.8, =1.0.2, =1.0.0, =2.0.0, =0.4, =1.0, =7.5.7, =0.9.1, =1.0-alpha-1, =1.27.19, =1.27.25 and more Source cves: CVE-2023-40336 Source advisory: OSV:GHSA-4VQP-PCM3-73XP...
CVE-2023-40336
A cross-site request forgery CSRF vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy folders...
CVE-2023-40336
CVE-2023-40336 : Jenkins Folders Plugin (versions prior to 6.846.v23698686f0f6) is vulnerable to cross-site request forgery (CSRF) due to improper validation of user input. An authenticated attacker can exploit this to copy folders or views, potentially enabling execution of unsafe scripts or oth...
CVE-2023-40336
A cross-site request forgery CSRF vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy folders...