Lucene search
Alpine Linux Development TeamALPINE:CVE-2023-24458HistoryJan 26, 2023 - 9:18 p.m.
CVE-2023-24458
2023-01-2621:18:19
Alpine Linux Development Team
security.alpinelinux.org
17
cve-2023-24458
cross-site request forgery
jenkins bearychat plugin
attackers
url
unix
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
33.0%
A cross-site request forgery (CSRF) vulnerability in Jenkins BearyChat Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified URL.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | 3.17-community | noarch | jenkins | = 2.361.2-r0 | UNKNOWN |
| Alpine | 3.18-community | noarch | jenkins | = 2.387.3-r0 | UNKNOWN |
| Alpine | 3.19-community | noarch | jenkins | = 2.440.3-r0 | UNKNOWN |
| Alpine | 3.20-community | noarch | jenkins | = 2.440.2-r0 | UNKNOWN |
| Alpine | edge-community | noarch | jenkins | = 2.462.1-r0 | UNKNOWN |
Related
cve
cve
CVE-2023-24458
2023-01-26 21:18:19
github
github
Cross-site request forgery vulnerability in Jenkins BearyChat Plugin
2023-01-26 21:30:17
nvd
nvd
CVE-2023-24458
2023-01-26 21:18:19
osv
osv
CVE-2023-24458
2023-01-26 21:18:19
Cross-site request forgery vulnerability in Jenkins BearyChat Plugin
2023-01-26 21:30:17
prion
prion
Cross site request forgery (csrf)
2023-01-26 21:18:00
cvelist
cvelist
CVE-2023-24458
2023-01-24 00:00:00
nessus
nessus
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
33.0%
Related for ALPINE:CVE-2023-24458