CVE-2023-28668
- Source
- https://cve.org/CVERecord?id=CVE-2023-28668
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-28668.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-28668
- Aliases
- Published
- 2023-04-02T21:15:08.767Z
- Modified
- 2025-11-14T12:06:22.001651Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Jenkins Role-based Authorization Strategy Plugin 587.v2872c41fa_e51 and earlier grants permissions even after they've been disabled.
- References
Affected packages
Git / github.com/jenkinsci/role-strategy-plugin
Affected ranges
- Type
- GIT
- Repo
- https://github.com/jenkinsci/role-strategy-plugin
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
483.*
483.v17281966f5c3
484.*
484.v8a_a_e4b_d785fd
488.*
488.v0634ce149b_8c
501.*
501.v88fe53d65c80
506.*
506.v13f908ee1fc9
508.*
508.v2a_f05b_05e9d8
510.*
510.v909834359ec2
521.*
521.vcf7a_3a_8dde42
526.*
526.v859673312a_14
530.*
530.ved5445d4875a_
546.*
546.ve16648865996
548.*
548.vb_60076577ec7
552.*
552.v14cb_85499b_89
555.*
555.v8d194cc85b_30
561.*
561.v9846c7351a_41
562.*
562.v44e9a_e828d0e
569.*
569.v7476f8e4fe29
575.*
575.v4d286a_03e6d7
584.*
584.vf8e515397ecd
587.*
587.v2872c41fa_e51
role-strategy-1.*
role-strategy-1.1.3
role-strategy-2.*
role-strategy-2.1.0
role-strategy-2.10
role-strategy-2.11
role-strategy-2.12
role-strategy-2.13
role-strategy-2.14
role-strategy-2.15
role-strategy-2.16
role-strategy-2.2.0
role-strategy-2.3.0
role-strategy-2.3.1
role-strategy-2.3.2
role-strategy-2.4.0
role-strategy-2.5.0
role-strategy-2.5.1
role-strategy-2.6.0
role-strategy-2.6.1
role-strategy-2.7.0
role-strategy-2.8.0
role-strategy-2.8.1
role-strategy-2.8.2
role-strategy-2.9.0
role-strategy-3.*
role-strategy-3.0
role-strategy-3.1
role-strategy-3.1.1
role-strategy-3.2.0