Back to bug 2232426

Who When What Removed Added
Zack Miele 2023-08-16 19:51:05 UTC Blocks 2232427
Zack Miele 2023-08-16 19:51:32 UTC Summary CVE-2023-40338 Re: Multiple vulnerabilities in Jenkins plugins TRIAGE-CVE-2023-40338 Re: Multiple vulnerabilities in Jenkins plugins
Alias CVE-2023-40338 TRIAGE-CVE-2023-40338
Zack Miele 2023-08-16 19:56:04 UTC CC dfreiber, jburrell, rogbas, vkumar
Guilherme de Almeida Suckevicz 2023-08-16 20:31:25 UTC Summary TRIAGE-CVE-2023-40338 Re: Multiple vulnerabilities in Jenkins plugins TRIAGE-CVE-2023-40338 jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin
Avinash Hanwate 2023-08-17 06:56:05 UTC Doc Text A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system.
Fixed In Version Folders Plugin 6.848.ve3b_fd7839a_81
Summary TRIAGE-CVE-2023-40338 jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin CVE-2023-40338 jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin
Alias TRIAGE-CVE-2023-40338 CVE-2023-40338
RaTasha Tillery-Smith 2023-08-17 12:41:35 UTC Doc Text A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system. A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin display an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available. This flaw exposes information about the Jenkins controller file system.

Back to bug 2232426