Skip to main content

Red Hat Dependency Analytics

1 CVEs product

Monthly

CVE-2024-23905 Maven MEDIUM PATCH This Month

Jenkins Red Hat Dependency Analytics Plugin 0.7.1 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Red Hat Jenkins Red Hat Dependency Analytics
NVD
CVSS 3.1
5.4
EPSS
0.6%
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Jenkins Red Hat Dependency Analytics Plugin 0.7.1 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Red Hat Jenkins +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy