Lucene search
K

4 matches found

NVD
NVD
added 2023/10/25 6:17 p.m.22 views

CVE-2023-46658

Jenkins MSTeams Webhook Trigger Plugin 0.1.1 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

5.3CVSS6AI score0.00569EPSS
Exploits0References2
OSV
OSV
added 2023/10/25 6:17 p.m.18 views

CVE-2023-46658

Jenkins MSTeams Webhook Trigger Plugin 0.1.1 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

5.3CVSS6.9AI score
Exploits0References2
CVE
CVE
added 2023/10/25 1:45 p.m.59 views

CVE-2023-46658

CVE-2023-46658 affects Jenkins MSTeams Webhook Trigger Plugin (versions 0.1.1 and earlier). The root cause is a non-constant time comparison when verifying the webhook token, which could enable attackers to use statistical methods to deduce a valid token. Public references (GHSA/NVD) describe the...

5.3CVSS5.1AI score0.00569EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/10/25 1:45 p.m.28 views

CVE-2023-46658

Jenkins MSTeams Webhook Trigger Plugin 0.1.1 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

5.9AI score0.00569EPSS
Exploits0References2
Rows per page
Query Builder