Maven package
org.jenkins-ci.plugins/cloudbees-folder
pkg:maven/org.jenkins-ci.plugins/cloudbees-folder
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-40338 | Med | 4.3 | < 6.848.ve3b | 6.848.ve3b | Aug 16, 2023 | Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system. | |
| CVE-2023-40337 | Med | 4.3 | < 6.848.ve3b | 6.848.ve3b | Aug 16, 2023 | A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy a view inside a folder. | |
| CVE-2023-40336 | Hig | 8.8 | < 6.848.ve3b | 6.848.ve3b | Aug 16, 2023 | A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy folders. |
- affected < 6.848.ve3bfixed 6.848.ve3b
Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system.
- affected < 6.848.ve3bfixed 6.848.ve3b
A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy a view inside a folder.
- affected < 6.848.ve3bfixed 6.848.ve3b
A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy folders.