VDB
BIT-jenkins-2023-27901
BIT-jenkins-2023-27901
PUBLISHED
CVSS 7.5 HIGH
Jenkins LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in org.kohsuke.stapler.RequestImpl, allowing attackers to trigger a denial of service.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | jenkins | 0, 0, 0 |
Timeline
- Mar 6, 2024 CVE Published
- Apr 3, 2025 CVE Updated