Skip to main content

Tuleap Authentication

1 CVEs product

Monthly

CVE-2023-40343 Maven MEDIUM PATCH This Month

Jenkins Tuleap Authentication Plugin 1.1.20 and earlier uses a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Jenkins Information Disclosure Tuleap Authentication
NVD
CVSS 3.1
5.9
EPSS
0.5%
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Jenkins Tuleap Authentication Plugin 1.1.20 and earlier uses a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Jenkins Information Disclosure Tuleap Authentication
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy