FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

jenkins -- multiple vulnerabilities

Affected packages
jenkins < 2.424
jenkins-lts < 2.414.2


VuXML ID 402fccd0-5b6d-11ee-9898-00e081b7aa2d
Discovery 2023-09-20
Entry 2023-09-25

Jenkins Security Advisory:


(Medium) SECURITY-3261 / CVE-2023-43494

Builds can be filtered by values of sensitive build variables

(High) SECURITY-3245 / CVE-2023-43495

Stored XSS vulnerability

(High) SECURITY-3072 / CVE-2023-43496

Temporary plugin file created with insecure permissions

(Low) SECURITY-3073 / CVE-2023-43497 (Stapler), CVE-2023-43498 (MultipartFormDataParser)

Temporary uploaded file created with insecure permissions


CVE Name CVE-2023-43494
CVE Name CVE-2023-43495
CVE Name CVE-2023-43496
CVE Name CVE-2023-43497