CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Jenkins Security Advisory 2023-01-24

unknownCVE-2023-24422CVE-2023-24423CVE-2023-24424CVE-2023-24425CVE-2023-24426CVE-2023-24427
Affects plugin: BearyChat Affects plugin: Bitbucket OAuth Affects plugin: Cisco Spark Notifier Affects plugin: Gerrit Trigger Affects plugin: GitHub Pull Request Builder Affects plugin: GitHub Pull Request Coverage Status Affects plugin: JIRA Pipeline Steps Affects plugin: Keycloak Authentication Affects plugin: Kubernetes Credentials Provider Affects plugin: Microsoft Entra ID (previously Azure AD) Affects plugin: MSTest Affects plugin: OpenID Affects plugin: OpenId Connect Authentication Affects plugin: Orka by MacStadium Affects plugin: PWauth Security Realm Affects plugin: RabbitMQ Consumer Affects plugin: Script Security Affects plugin: Semantic Versioning Affects plugin: TestComplete support Affects plugin: TestQuality Updater Affects plugin: view-cloner Affects plugin: visualexpert

Details

Source
Jenkins Security Advisories (INTL · vendor-psirt · site)
Severity
unknown
Published
2023-01-24
Exploitation
Not in CISA KEV at last sync

Original advisory: https://www.jenkins.io/security/advisory/2023-01-24/

Exploitation outlook

EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.

Referenced CVEs

CVECSIRTS overviewExternal
CVE-2023-24422coverage & exploitation statusNVD · CVE.org
CVE-2023-24423coverage & exploitation statusNVD · CVE.org
CVE-2023-24424coverage & exploitation statusNVD · CVE.org
CVE-2023-24425coverage & exploitation statusNVD · CVE.org
CVE-2023-24426coverage & exploitation statusNVD · CVE.org
CVE-2023-24427coverage & exploitation statusNVD · CVE.org
CVE-2023-24428coverage & exploitation statusNVD · CVE.org
CVE-2023-24429coverage & exploitation statusNVD · CVE.org
CVE-2023-24430coverage & exploitation statusNVD · CVE.org
CVE-2023-24431coverage & exploitation statusNVD · CVE.org
CVE-2023-24432coverage & exploitation statusNVD · CVE.org
CVE-2023-24433coverage & exploitation statusNVD · CVE.org
CVE-2023-24436coverage & exploitation statusNVD · CVE.org
CVE-2023-24434coverage & exploitation statusNVD · CVE.org
CVE-2023-24435coverage & exploitation statusNVD · CVE.org
CVE-2023-24437coverage & exploitation statusNVD · CVE.org
CVE-2023-24438coverage & exploitation statusNVD · CVE.org
CVE-2023-24439coverage & exploitation statusNVD · CVE.org
CVE-2023-24440coverage & exploitation statusNVD · CVE.org
CVE-2023-24441coverage & exploitation statusNVD · CVE.org
CVE-2023-24442coverage & exploitation statusNVD · CVE.org
CVE-2023-24456coverage & exploitation statusNVD · CVE.org
CVE-2023-24457coverage & exploitation statusNVD · CVE.org
CVE-2023-24443coverage & exploitation statusNVD · CVE.org
CVE-2023-24444coverage & exploitation statusNVD · CVE.org
CVE-2023-24445coverage & exploitation statusNVD · CVE.org
CVE-2023-24446coverage & exploitation statusNVD · CVE.org
CVE-2023-24447coverage & exploitation statusNVD · CVE.org
CVE-2023-24448coverage & exploitation statusNVD · CVE.org
CVE-2023-24449coverage & exploitation statusNVD · CVE.org
CVE-2023-24450coverage & exploitation statusNVD · CVE.org
CVE-2023-24451coverage & exploitation statusNVD · CVE.org
CVE-2023-24458coverage & exploitation statusNVD · CVE.org
CVE-2023-24459coverage & exploitation statusNVD · CVE.org
CVE-2023-24452coverage & exploitation statusNVD · CVE.org
CVE-2023-24453coverage & exploitation statusNVD · CVE.org
CVE-2023-24454coverage & exploitation statusNVD · CVE.org
CVE-2023-24455coverage & exploitation statusNVD · CVE.org

More from Jenkins Security Advisories