CVE-2023-40343

Published: 2023-08-16T15:15Z

Last Modified: 2024-11-21T08:19Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Jenkins Tuleap Authentication Plugin 1.1.20 and earlier uses a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt