Описание
A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy folders.
A flaw was found in the Jenkins Folders Plugin. Affected versions of this plugin allow attackers to copy folders.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift Container Platform 3.11 | jenkins-2-plugins | Out of support scope | ||
| Red Hat OpenShift Container Platform 4 | jenkins-2-plugins | Affected | ||
| OCP-Tools-4.14-RHEL-8 | jenkins-2-plugins | Fixed | RHSA-2024:0777 | 12.02.2024 |
Показывать по
10
Дополнительная информация
Статус:
Important
Дефект:
CWE-352
https://bugzilla.redhat.com/show_bug.cgi?id=2232424jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin may approve unsandboxed scripts
8 High
CVSS3
Связанные уязвимости
CVSS3: 8.8
nvd
больше 2 лет назад
A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy folders.
CVSS3: 8
github
больше 2 лет назад
Jenkins Folders Plugin cross-site request forgery vulnerability
8 High
CVSS3