Security Advisory

CVE-2023-27901

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-03-08 17:14:50

Last updated 2025-02-28 18:45:56

Assigner jenkins

State PUBLISHED

Description

Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in org.kohsuke.stapler.RequestImpl, allowing attackers to trigger a denial of service.

← Browse all CVEs View on cve.org ↗