VYPR

Maven package

io.jenkins.plugins/teams-webhook-trigger

pkg:maven/io.jenkins.plugins/teams-webhook-trigger

Vulnerabilities (1)

  • CVE-2023-46658Oct 25, 2023
    affected <= 0.1.1

    Jenkins MSTeams Webhook Trigger Plugin 0.1.1 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token.