Jenkins Security Advisory 2023-07-12
Affects plugin: Active Directory Affects plugin: Assembla Auth Affects plugin: Benchmark Evaluator Affects plugin: Datadog Affects plugin: ElasticBox CI Affects plugin: External Monitor Job Type Affects plugin: mabl Affects plugin: MathWorks Polyspace Affects plugin: OpenShift Login Affects plugin: Oracle Cloud Infrastructure Compute Affects plugin: Orka by MacStadium Affects plugin: Pipeline restFul API Affects plugin: Rebuilder Affects plugin: SAML Single Sign On(SSO) Affects plugin: Sumologic Publisher Affects plugin: Test Results Aggregator
Details
Original advisory: https://www.jenkins.io/security/advisory/2023-07-12/
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2023-379420.51% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 40% of all scored CVEs.
- Low exploitation riskCVE-2023-379430.38% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 30% of all scored CVEs.
- Low exploitation riskCVE-2023-379440.69% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 48% of all scored CVEs.
- Low exploitation riskCVE-2023-379450.37% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 29% of all scored CVEs.
- Low exploitation riskCVE-2023-379460.72% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 49% of all scored CVEs.
- Low exploitation riskCVE-2023-379470.49% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 39% of all scored CVEs.
- Low exploitation riskCVE-2023-379480.42% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 34% of all scored CVEs.
- Low exploitation riskCVE-2023-379490.53% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 41% of all scored CVEs.
- Low exploitation riskCVE-2023-379500.45% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 36% of all scored CVEs.
- Low exploitation riskCVE-2023-379510.56% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 42% of all scored CVEs.
Referenced CVEs
More from Jenkins Security Advisories
- unknownJenkins Security Advisory 2026-06-242026-06-24
- unknownJenkins Security Advisory 2026-06-102026-06-10
- unknownJenkins Security Advisory 2026-05-272026-05-27
- unknownJenkins Security Advisory 2026-04-292026-04-29
- unknownJenkins Security Advisory 2026-03-182026-03-18