VDB
CISA-2023-40349
CISA-2023-40349
PUBLISHED
Reported by jenkins · Published August 16, 2023
Jenkins Gogs Plugin 1.0.15 and earlier improperly initializes an option to secure its webhook endpoint, allowing unauthenticated attackers to trigger builds of jobs.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jenkins Project | Jenkins Gogs Plugin | 0 |
| Jenkins Project | Jenkins Gogs Plugin | 0, 0 |
Timeline
- Aug 16, 2023 CVE Published
- Oct 8, 2024 CVE Updated
References
- Jenkins Security Advisory 2023-08-16 vendor-advisory