CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Jenkins Security Advisory 2023-03-21

unknownCVE-2023-28668CVE-2023-28669CVE-2023-28670CVE-2023-28671CVE-2023-28672CVE-2023-28673
Affects plugin: AbsInt a³ Affects plugin: Convert To Pipeline Affects plugin: Cppcheck Affects plugin: Crap4J Affects plugin: JaCoCo Affects plugin: Mashup Portlets Affects plugin: OctoPerf Load Testing Plugin Affects plugin: Performance Publisher Affects plugin: Phabricator Differential Affects plugin: Pipeline Aggregator View Affects plugin: remote-jobs-view-plugin Affects plugin: Role-based Authorization Strategy Affects plugin: Visual Studio Code Metrics

Details

Source
Jenkins Security Advisories (INTL · vendor-psirt · site)
Severity
unknown
Published
2023-03-21
Exploitation
Not in CISA KEV at last sync

Original advisory: https://www.jenkins.io/security/advisory/2023-03-21/

Exploitation outlook

EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.

Referenced CVEs

CVECSIRTS overviewExternal
CVE-2023-28668coverage & exploitation statusNVD · CVE.org
CVE-2023-28669coverage & exploitation statusNVD · CVE.org
CVE-2023-28670coverage & exploitation statusNVD · CVE.org
CVE-2023-28671coverage & exploitation statusNVD · CVE.org
CVE-2023-28672coverage & exploitation statusNVD · CVE.org
CVE-2023-28673coverage & exploitation statusNVD · CVE.org
CVE-2023-28674coverage & exploitation statusNVD · CVE.org
CVE-2023-28675coverage & exploitation statusNVD · CVE.org
CVE-2023-28676coverage & exploitation statusNVD · CVE.org
CVE-2023-28677coverage & exploitation statusNVD · CVE.org
CVE-2023-28678coverage & exploitation statusNVD · CVE.org
CVE-2023-28679coverage & exploitation statusNVD · CVE.org
CVE-2023-28680coverage & exploitation statusNVD · CVE.org
CVE-2023-28681coverage & exploitation statusNVD · CVE.org
CVE-2023-28682coverage & exploitation statusNVD · CVE.org
CVE-2023-28683coverage & exploitation statusNVD · CVE.org
CVE-2023-28684coverage & exploitation statusNVD · CVE.org
CVE-2023-28685coverage & exploitation statusNVD · CVE.org

More from Jenkins Security Advisories