New Security Flaws in Jenkins Could Allow Code Execution Attacks
New Security Flaws in Jenkins Could Allow Code Execution Attacks
09 March 2023
The flaws, tracked as CVE-2023-27898 and CVE-2023-27905, impact the Jenkins server and Update Center, and have been collectively christened CorePlague by cloud security firm Aqua. All versions of Jenkins versions prior to 2.319.2 are vulnerable.