Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.70 views

RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0777)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0777 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.8CVSS7.6AI score0.99999EPSS
Exploits61References66
OSV
OSV
added 2023/08/16 3:15 p.m.20 views

CVE-2023-40341

A cross-site request forgery CSRF vulnerability in Jenkins Blue Ocean Plugin 1.27.5 and earlier allows attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job...

8.8CVSS7AI score
Exploits0References2
NVD
NVD
added 2023/08/16 3:15 p.m.32 views

CVE-2023-40341

A cross-site request forgery CSRF vulnerability in Jenkins Blue Ocean Plugin 1.27.5 and earlier allows attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job...

8.8CVSS9.3AI score0.00537EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/08/16 2:32 p.m.24 views

CVE-2023-40341

A cross-site request forgery CSRF vulnerability in Jenkins Blue Ocean Plugin 1.27.5 and earlier allows attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job...

7.1AI score0.00537EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/08/16 2:32 p.m.31 views

CVE-2023-40341

A cross-site request forgery CSRF vulnerability in Jenkins Blue Ocean Plugin 1.27.5 and earlier allows attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job...

8.9AI score0.00537EPSS
Exploits0References2
CVE
CVE
added 2023/08/16 2:32 p.m.407 views

CVE-2023-40341

CVE-2023-40341 is a cross-site request forgery (CSRF) vulnerability in the Jenkins Blue Ocean Plugin, affecting version 1.27.5 and earlier. The flaw allows an attacker to cause the Jenkins instance to connect to an attacker-specified URL, enabling capture of GitHub credentials associated with a j...

8.8CVSS8.6AI score0.00537EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder