Lucene search
Alpine Linux Development TeamALPINE:CVE-2023-37954HistoryJul 12, 2023 - 4:15 p.m.
CVE-2023-37954
2023-07-1216:15:13
Alpine Linux Development Team
security.alpinelinux.org
2
cve-2023-37954
cross-site request forgery
jenkins rebuilder plugin
csrf vulnerability
attackers
previous build
unix
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
0.0005 Low
EPSS
Percentile
17.6%
A cross-site request forgery (CSRF) vulnerability in Jenkins Rebuilder Plugin 320.v5a_0933a_e7d61 and earlier allows attackers to rebuild a previous build.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | 3.18-community | noarch | jenkins | = 2.387.3-r0 | UNKNOWN |
| Alpine | 3.19-community | noarch | jenkins | = 2.440.3-r0 | UNKNOWN |
| Alpine | 3.20-community | noarch | jenkins | = 2.440.2-r0 | UNKNOWN |
| Alpine | edge-community | noarch | jenkins | = 2.452.2-r0 | UNKNOWN |
Related
cve
cve
CVE-2023-37954
2023-07-12 16:15:13
veracode
veracode
Cross Site Request Forgery (CSRF)
2023-07-17 09:39:31
osv
osv
Jenkins Rebuilder Plugin vulnerable to Cross Site Request Forgery
2023-07-12 18:30:38
prion
prion
Cross site request forgery (csrf)
2023-07-12 16:15:00
nvd
nvd
CVE-2023-37954
2023-07-12 16:15:13
cvelist
cvelist
CVE-2023-37954
2023-07-12 15:52:54
github
github
Jenkins Rebuilder Plugin vulnerable to Cross Site Request Forgery
2023-07-12 18:30:38
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
0.0005 Low
EPSS
Percentile
17.6%
Related for ALPINE:CVE-2023-37954