CVE-2023-27900 – org.jenkins-ci.main:jenkins-core
Package
Manager: maven
Name: org.jenkins-ci.main:jenkins-core
Vulnerable Version: >=2.388 <2.394 || >=0 <2.375.4 || >=2.376 <2.387.1
Severity
Level: Medium
CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS: 0.00111 (percentile 0.302)
Details
Denial of service in Jenkins Core. Jenkins 2.393 and earlier, LTS 2.375.3 and earlier, and versions prior to LTS 2.387.1 are affected by the Apache Commons FileUpload library's vulnerability CVE-2023-24998. Jenkins uses this library to process uploaded files via the Stapler web framework (usually through StaplerRequest#getFile) and via MultipartFormDataParser. This allows attackers to cause a denial of service (DoS) by sending crafted requests to HTTP endpoints that process file uploads. Jenkins 2.394, LTS 2.375.4, and LTS 2.387.1 limit the number of request parts to be processed to 1000; specific endpoints that receive only simple form submissions have a lower limit.
Metadata
Created: 2023-03-10T21:30:19Z
Modified: 2024-01-05T16:21:00Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/03/GHSA-frgr-c5f2-8qhh/GHSA-frgr-c5f2-8qhh.json
CWE IDs: CWE-770
Alternative ID: GHSA-frgr-c5f2-8qhh
Finding: F029
Auto approve: 1