Maven package
io.jenkins.plugins/teams-webhook-trigger
pkg:maven/io.jenkins.plugins/teams-webhook-trigger
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-46658 | — | <= 0.1.1 | — | Oct 25, 2023 | Jenkins MSTeams Webhook Trigger Plugin 0.1.1 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token. |
- CVE-2023-46658Oct 25, 2023affected <= 0.1.1
Jenkins MSTeams Webhook Trigger Plugin 0.1.1 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token.