Jenkins Zanata Plugin 0.6 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token hashes are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook...
5.3CVSS
5.1AI Score
0.0005EPSS
9.8CVSS
9.3AI Score
0.004EPSS