Zanata Jenkins Zanata

Do you want an email whenever new security vulnerabilities are reported in Jenkins Zanata?

By the Year

In 2023 there have been 1 vulnerability in Jenkins Zanata with an average score of 5.3 out of ten. Zanata did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2023 as compared to last year.

Year Vulnerabilities Average Score
2023 1 5.30
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Zanata vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Jenkins Zanata Security Vulnerabilities

Jenkins Zanata Plugin 0.6 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token hashes are equal, potentially

CVE-2023-46660 5.3 - Medium - October 25, 2023

Jenkins Zanata Plugin 0.6 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token hashes are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token.

Incorrect Comparison

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Jenkins Zanata or by Jenkins? Click the Watch button to subscribe.

Jenkins
Vendor

subscribe