Jenkins Security Advisory 2023-06-14
Affects Jenkins Core Affects plugin: AWS CodeCommit Trigger Affects plugin: Checkmarx Affects plugin: Digital.ai App Management Publisher Affects plugin: Dimensions Affects plugin: Maven Repository Server Affects plugin: Sonargraph Integration Affects plugin: Team Concert Affects plugin: Template Workflows
Details
Original advisory: https://www.jenkins.io/security/advisory/2023-06-14/
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2023-351410.86% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 54% of all scored CVEs.
- Low exploitation riskCVE-2023-351420.78% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 51% of all scored CVEs.
- Low exploitation riskCVE-2023-33150.50% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 39% of all scored CVEs.
- Low exploitation riskCVE-2023-322610.63% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 46% of all scored CVEs.
- Low exploitation riskCVE-2023-322620.83% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 53% of all scored CVEs.
- Low exploitation riskCVE-2023-351430.62% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 45% of all scored CVEs.
- Low exploitation riskCVE-2023-351440.62% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 45% of all scored CVEs.
- Low exploitation riskCVE-2023-351450.66% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 47% of all scored CVEs.
- Low exploitation riskCVE-2023-351460.75% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 51% of all scored CVEs.
- Low exploitation riskCVE-2023-351470.63% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 46% of all scored CVEs.
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2023-35141 | coverage & exploitation status | NVD · CVE.org |
| CVE-2023-35142 | coverage & exploitation status | NVD · CVE.org |
| CVE-2023-3315 | coverage & exploitation status | NVD · CVE.org |
| CVE-2023-32261 | coverage & exploitation status | NVD · CVE.org |
| CVE-2023-32262 | coverage & exploitation status | NVD · CVE.org |
| CVE-2023-35143 | coverage & exploitation status | NVD · CVE.org |
| CVE-2023-35144 | coverage & exploitation status | NVD · CVE.org |
| CVE-2023-35145 | coverage & exploitation status | NVD · CVE.org |
| CVE-2023-35146 | coverage & exploitation status | NVD · CVE.org |
| CVE-2023-35147 | coverage & exploitation status | NVD · CVE.org |
| CVE-2023-35148 | coverage & exploitation status | NVD · CVE.org |
| CVE-2023-35149 | coverage & exploitation status | NVD · CVE.org |
More from Jenkins Security Advisories
- unknownJenkins Security Advisory 2026-06-242026-06-24
- unknownJenkins Security Advisory 2026-06-102026-06-10
- unknownJenkins Security Advisory 2026-05-272026-05-27
- unknownJenkins Security Advisory 2026-04-292026-04-29
- unknownJenkins Security Advisory 2026-03-182026-03-18