Jenkins Security Alert: New Security Flaws Could Allow Code Execution Attacks

By Ravie Lakshmanan

A pair of severe security vulnerabilities have been disclosed in the Jenkins open source automation server that could lead to code execution on targeted systems. The flaws, tracked as CVE-2023-27898 and CVE-2023-27905, impact the Jenkins server and Update Center, and have been collectively christened CorePlague by cloud security firm Aqua. All versions of Jenkins versions prior to 2.319.2 are

Related tags
March 8^th 2023 at 16:30

The Hacker News
Critical Jenkins Vulnerability Exposes Servers to RCE Attacks - Patch ASAP!
January 25^th 2024 at 11:57

Critical Jenkins Vulnerability Exposes Servers to RCE Attacks - Patch ASAP!

By Newsroom

The maintainers of the open-source continuous integration/continuous delivery and deployment (CI/CD) automation software Jenkins have resolved nine security flaws, including a critical bug that, if successfully exploited, could result in remote code execution (RCE). The issue, assigned the CVE identifier CVE-2024-23897, has been described as an arbitrary file read vulnerability through the

Related tags
January 25^th 2024 at 11:57