Confirm vulnerability resolved in version 2.462.3

rakoskej · February 10, 2025, 7:14pm

Wanted to confirm the following vulnerability has been addressed in Jenkins version 2.462.3.

krachynski · February 10, 2025, 8:28pm

Is there a specific CVE among the seven listed that you were referring to?

krachynski · February 10, 2025, 8:31pm

I got the time to read further, the linked document does explictly state that the two core vulnerabilities are fixed in 2.462.3 and later.

rakoskej · February 10, 2025, 8:40pm

Apologies. This was specific to CVE-2024-23897. Thank you for confirming.

Topic		Replies	Views
Discrepancy between Jenkins Documentation and CVE Sources for CVE-2024-23897 Using Jenkins sig-security	0	215	February 28, 2024
Is Jenkins@2.332.2 and Jenkins@2.332.3 supported/patched? Using Jenkins	1	522	December 1, 2022
Security Vulnerabilities Faced in Jenkins for 2.469 version Ask a question	2	30	August 28, 2024
Mitigating CVE-2023-27898 XSS vulnerability in plugin manager and related Ask a question question , sig-security	1	904	March 16, 2023
CVE-2024-23898, CVE-2023-27899 and CVE-2023-43496 vulnerabilities on jenkins/jenkins:2.448-alpine-jdk17 Community question	7	616	March 13, 2024