RHSA-2024:0777
- Source
- https://access.redhat.com/errata/RHSA-2024:0777
- Import Source
- https://security.access.redhat.com/data/osv/RHSA-2024:0777.json
- JSON Data
- https://api.osv.dev/v1/vulns/RHSA-2024:0777
- Related
- Published
- 2024-10-02T11:39:23Z
- Modified
- 2024-10-31T05:36:53Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- Red Hat Security Advisory: jenkins and jenkins-2-plugins security update
- Details
- References
-
- https://access.redhat.com/errata/RHSA-2024:0777
- https://access.redhat.com/security/updates/classification/#important
- https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
- https://bugzilla.redhat.com/show_bug.cgi?id=2066479
- https://bugzilla.redhat.com/show_bug.cgi?id=2126789
- https://bugzilla.redhat.com/show_bug.cgi?id=2135435
- https://bugzilla.redhat.com/show_bug.cgi?id=2164278
- https://bugzilla.redhat.com/show_bug.cgi?id=2170039
- https://bugzilla.redhat.com/show_bug.cgi?id=2170041
- https://bugzilla.redhat.com/show_bug.cgi?id=2215214
- https://bugzilla.redhat.com/show_bug.cgi?id=2215229
- https://bugzilla.redhat.com/show_bug.cgi?id=2222709
- https://bugzilla.redhat.com/show_bug.cgi?id=2222710
- https://bugzilla.redhat.com/show_bug.cgi?id=2232422
- https://bugzilla.redhat.com/show_bug.cgi?id=2232423
- https://bugzilla.redhat.com/show_bug.cgi?id=2232424
- https://bugzilla.redhat.com/show_bug.cgi?id=2232425
- https://bugzilla.redhat.com/show_bug.cgi?id=2232426
- https://bugzilla.redhat.com/show_bug.cgi?id=2242803
- https://bugzilla.redhat.com/show_bug.cgi?id=2243296
- https://issues.redhat.com/browse/JKNS-271
- https://issues.redhat.com/browse/JKNS-289
- https://issues.redhat.com/browse/JKNS-337
- https://issues.redhat.com/browse/JKNS-344
- https://issues.redhat.com/browse/JKNS-345
- https://issues.redhat.com/browse/OCPBUGS-11158
- https://issues.redhat.com/browse/OCPBUGS-11253
- https://issues.redhat.com/browse/OCPBUGS-11254
- https://issues.redhat.com/browse/OCPBUGS-11446
- https://issues.redhat.com/browse/OCPBUGS-1357
- https://issues.redhat.com/browse/OCPBUGS-13869
- https://issues.redhat.com/browse/OCPBUGS-14111
- https://issues.redhat.com/browse/OCPBUGS-14609
- https://issues.redhat.com/browse/OCPBUGS-15646
- https://issues.redhat.com/browse/OCPBUGS-15902
- https://issues.redhat.com/browse/OCPBUGS-1709
- https://issues.redhat.com/browse/OCPBUGS-1942
- https://issues.redhat.com/browse/OCPBUGS-2099
- https://issues.redhat.com/browse/OCPBUGS-2184
- https://issues.redhat.com/browse/OCPBUGS-2318
- https://issues.redhat.com/browse/OCPBUGS-23438
- https://issues.redhat.com/browse/OCPBUGS-27388
- https://issues.redhat.com/browse/OCPBUGS-655
- https://issues.redhat.com/browse/OCPBUGS-6579
- https://issues.redhat.com/browse/OCPBUGS-6870
- https://issues.redhat.com/browse/OCPBUGS-710
- https://issues.redhat.com/browse/OCPBUGS-8377
- https://issues.redhat.com/browse/OCPBUGS-8442
- https://issues.redhat.com/browse/OCPTOOLS-244
- https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0777.json
- https://access.redhat.com/security/cve/CVE-2022-25857
- https://www.cve.org/CVERecord?id=CVE-2022-25857
- https://nvd.nist.gov/vuln/detail/CVE-2022-25857
- https://bitbucket.org/snakeyaml/snakeyaml/issues/525
- https://access.redhat.com/security/cve/CVE-2022-29599
- https://www.cve.org/CVERecord?id=CVE-2022-29599
- https://nvd.nist.gov/vuln/detail/CVE-2022-29599
- https://access.redhat.com/security/cve/CVE-2022-42889
- https://www.cve.org/CVERecord?id=CVE-2022-42889
- https://nvd.nist.gov/vuln/detail/CVE-2022-42889
- https://blogs.apache.org/security/entry/cve-2022-42889
- https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om
- https://seclists.org/oss-sec/2022/q4/22
- https://access.redhat.com/security/cve/CVE-2023-2976
- https://www.cve.org/CVERecord?id=CVE-2023-2976
- https://nvd.nist.gov/vuln/detail/CVE-2023-2976
- https://access.redhat.com/security/cve/CVE-2023-24422
- https://www.cve.org/CVERecord?id=CVE-2023-24422
- https://nvd.nist.gov/vuln/detail/CVE-2023-24422
- https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016
- https://access.redhat.com/security/cve/CVE-2023-25761
- https://www.cve.org/CVERecord?id=CVE-2023-25761
- https://nvd.nist.gov/vuln/detail/CVE-2023-25761
- https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032
- https://access.redhat.com/security/cve/CVE-2023-25762
- https://www.cve.org/CVERecord?id=CVE-2023-25762
- https://nvd.nist.gov/vuln/detail/CVE-2023-25762
- https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019
- https://access.redhat.com/security/cve/CVE-2023-35116
- https://www.cve.org/CVERecord?id=CVE-2023-35116
- https://nvd.nist.gov/vuln/detail/CVE-2023-35116
- https://access.redhat.com/security/cve/CVE-2023-37946
- https://www.cve.org/CVERecord?id=CVE-2023-37946
- https://nvd.nist.gov/vuln/detail/CVE-2023-37946
- https://www.jenkins.io/security/advisory/2023-07-12/#SECURITY-2998
- https://access.redhat.com/security/cve/CVE-2023-37947
- https://www.cve.org/CVERecord?id=CVE-2023-37947
- https://nvd.nist.gov/vuln/detail/CVE-2023-37947
- https://www.jenkins.io/security/advisory/2023-07-12/#SECURITY-2999
- https://access.redhat.com/security/cve/CVE-2023-39325
- https://www.cve.org/CVERecord?id=CVE-2023-39325
- https://nvd.nist.gov/vuln/detail/CVE-2023-39325
- https://access.redhat.com/security/cve/CVE-2023-44487
- https://go.dev/issue/63417
- https://pkg.go.dev/vuln/GO-2023-2102
- https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487
- https://access.redhat.com/security/cve/CVE-2023-40336
- https://www.cve.org/CVERecord?id=CVE-2023-40336
- https://nvd.nist.gov/vuln/detail/CVE-2023-40336
- https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3106
- https://access.redhat.com/security/cve/CVE-2023-40337
- https://www.cve.org/CVERecord?id=CVE-2023-40337
- https://nvd.nist.gov/vuln/detail/CVE-2023-40337
- https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3105
- https://access.redhat.com/security/cve/CVE-2023-40338
- https://www.cve.org/CVERecord?id=CVE-2023-40338
- https://nvd.nist.gov/vuln/detail/CVE-2023-40338
- https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3109
- https://access.redhat.com/security/cve/CVE-2023-40339
- https://www.cve.org/CVERecord?id=CVE-2023-40339
- https://nvd.nist.gov/vuln/detail/CVE-2023-40339
- https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3090
- https://access.redhat.com/security/cve/CVE-2023-40341
- https://www.cve.org/CVERecord?id=CVE-2023-40341
- https://nvd.nist.gov/vuln/detail/CVE-2023-40341
- https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3116
- https://www.cve.org/CVERecord?id=CVE-2023-44487
- https://nvd.nist.gov/vuln/detail/CVE-2023-44487
- https://github.com/dotnet/announcements/issues/277
- https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Affected packages
Red Hat:ocp_tools:4.14::el8 / jenkins-2-plugins
Package
- Name
- jenkins-2-plugins
- Purl
- pkg:rpm/redhat/jenkins-2-plugins