Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

OSV
OSVadded 2023/10/25 6:32 p.m.15 views

GHSA-8859-V9JP-CPHF Jenkins Multibranch Scan Webhook Trigger Plugin uses non-constant time webhook token comparison

Jenkins Multibranch Scan Webhook Trigger Plugin 1.0.9 and earlier does not use a constant-time comparison when checking whether the provided and expected webhook token are equal. This could potentially allow attackers to use statistical methods to obtain a valid webhook token. As of publication o...

3.7CVSS5.5AI score0.00109EPSS
Exploits0References4
CVE
CVEadded 2023/10/25 1:45 p.m.52 views

CVE-2023-46656

CVE-2023-46656 affects Jenkins Multibranch Scan Webhook Trigger Plugin versions 1.0.9 and earlier. The root cause is a non-constant time comparison when verifying the webhook token, which can enable attackers to use statistical methods to determine a valid token. Public references (including Red ...

5.3CVSS5.1AI score0.00109EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2023/10/25 1:45 p.m.11 views

CVE-2023-46656

Jenkins Multibranch Scan Webhook Trigger Plugin 1.0.9 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

6.9AI score0.00109EPSS
Exploits0References2
Cvelist
Cvelistadded 2023/10/25 1:45 p.m.13 views

CVE-2023-46656

Jenkins Multibranch Scan Webhook Trigger Plugin 1.0.9 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

5.9AI score0.00109EPSS
Exploits0References2
CNNVD
CNNVDadded 2023/10/25 12:0 a.m.1 views

Jenkins Plugin Multibranch Scan Webhook Trigger Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins Plugin is a software application. A security vulnerability...

5.3CVSS6.6AI score0.00109EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2023/10/25 12:0 a.m.3 views

PT-2023-6546 · Jenkins · Jenkins Multibranch Scan Webhook Trigger Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Multibranch Scan Webhook Trigger Plugin versions 1.0.9 and earlier Description: The issue is related to information disclosure. It potentially allows a remote attacker to gain unauthorized access to protected information. The problem...

5.3CVSS5.1AI score0.00109EPSS
Exploits0References9
Rows per page
Query Builder