FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

jenkins -- multiple vulnerabilities

Affected packages
jenkins < 2.422
jenkins-lts < 2.426.3

Details

VuXML ID 8b03d274-56ca-489e-821a-cf32f07643f0
Discovery 2024-01-24
Entry 2024-01-24

Jenkins Security Advisory:

Description

(Critical) SECURITY-3314 / CVE-2024-23897

Arbitrary file read vulnerability through the CLI can lead to RCE

Description

(High) SECURITY-3315 / CVE-2024-23898

Cross-site WebSocket hijacking vulnerability in the CLI

[source]

References

CVE Name CVE-2024-23897
CVE Name CVE-2024-23898
URL https://www.jenkins.io/security/advisory/2024-01-24/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.