Maven package
igalg.jenkins.plugins/multibranch-scan-webhook-trigger
pkg:maven/igalg.jenkins.plugins/multibranch-scan-webhook-trigger
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-46656 | — | <= 1.0.9 | — | Oct 25, 2023 | Jenkins Multibranch Scan Webhook Trigger Plugin 1.0.9 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token. |
- CVE-2023-46656Oct 25, 2023affected <= 1.0.9
Jenkins Multibranch Scan Webhook Trigger Plugin 1.0.9 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token.