← voltar
CVE-2022-20612

CVE-2022-20612

EPSS 1.8%
A cross-site request forgery (CSRF) vulnerability in Jenkins 2.329 and earlier, LTS 2.319.1 and earlier allows attackers to trigger build of job without parameters when no security realm is set.
Produtos afetados
Jenkins project · Jenkins

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2558https://www.oracle.com/security-alerts/cpuapr2022.htmlhttp://www.openwall.com/lists/oss-security/2022/01/12/6