🔍Uncovering critical vulnerabilities in Jenkins, which could lead to RCE... - Jenkins

SonarResearch, 4 months ago

🔍Uncovering critical vulnerabilities in Jenkins, which could lead to RCE (CVE-2024-23898, CVE-2024-23897):

Check out our latest blog post for the technical details on how attackers could potentially gain unauthenticated RCE on #Jenkins

https://www.sonarsource.com/blog/excessive-expansion-uncovering-critical-security-vulnerabilities-in-jenkins/?utm_medium=social&utm_source=mastodon&utm_campaign=research&utm_content=blog-excessive-expansion-uncovering-critical-security-vulnerabilities-in-jenkins-240125-p1&utm_term=ww_en_all_x

#appsec #security #vulnerability

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

+ Viss, raptor, AAKL

Image

Image alternative text

Federation

Status:

On | Off

Instances:

/m/jenkins

Threads (0)

Microblog (33)

All Content

People

Magazines

Collections

Thread

SonarResearch

@SonarResearch@infosec.exchange

Added: 4 months ago
Online: -
Boosts: 3

Magazine

Jenkins

@jenkins@kbin.social

Jenkins

Created: 1 year ago
Owner: skepickle
Subscribers: 25
Online: -

Moderators

skepickle

Active people

Around 45k Jenkins servers still vulnerable to attacks due to critical flaw - Tens of thousands of Jenkins servers have been exposed to a high-severity bug afte... - https://readwrite.com/around-45k-jenkins-servers-still-vulnerable-to-attacks-due-to-critical-flaw/ #developer #security #jenkins #servers #news

4 months ago to security

These are the two lines of code (minus some constants and file operations) that saved me a while lot of tediousness, today... #ruby #regex #programming #Jenkins...

8 months ago to ruby

Getting totally owned by this build issue after I updated to XCode 15....

7 months ago to cpp

If you're thinking of self-hosting your hmm #git and/or mirroring your existing repos on #GitHub, #gitlab, etc., then I recommend @forgejo !...

6 months ago to github

Add comment