Количество 3
Количество 3
CVE-2022-23106
Jenkins Configuration as Code Plugin 1.55 and earlier used a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token.
CVE-2022-23106
Jenkins Configuration as Code Plugin 1.55 and earlier used a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token.
GHSA-fpj7-9xm6-8hgr
Observable Discrepancy and Observable Timing Discrepancy in Jenkins Configuration as Code Plugin
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-23106 Jenkins Configuration as Code Plugin 1.55 and earlier used a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token. | CVSS3: 5.3 | 0% Низкий | около 4 лет назад |
 | CVE-2022-23106 Jenkins Configuration as Code Plugin 1.55 and earlier used a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token. | CVSS3: 5.3 | 0% Низкий | около 4 лет назад |
| GHSA-fpj7-9xm6-8hgr Observable Discrepancy and Observable Timing Discrepancy in Jenkins Configuration as Code Plugin | CVSS3: 3.7 | 0% Низкий | около 4 лет назад |
Уязвимостей на страницу