VYPR

Maven package

igalg.jenkins.plugins/multibranch-scan-webhook-trigger

pkg:maven/igalg.jenkins.plugins/multibranch-scan-webhook-trigger

Vulnerabilities (1)

  • CVE-2023-46656Oct 25, 2023
    affected <= 1.0.9

    Jenkins Multibranch Scan Webhook Trigger Plugin 1.0.9 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token.