RHSA-2023:6171

Advisory lineage Upstream: 9 Downstream: 0

Upstream

CVE-2022-1471 CVE-2022-29599 CVE-2022-42889 CVE-2023-24422 CVE-2023-25761 CVE-2023-25762

Published: 02 Oct 2024, 11:28

Last modified:04 Jun 2026, 10:02

Vulnerability Summary

Overall Risk (default)

high

70/100

CVSS Score

9.8 CRITICAL

3.1 (osv_red_hat)

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

02 Oct 2024, 11:28

Published

Vulnerability first disclosed

04 Jun 2026, 10:02

Last Modified

Vulnerability information updated

Description

Red Hat Security Advisory: Red Hat Product OCP Tools 4.11 Openshift Jenkins security update

CVSS Metrics

v3.1•CRITICAL•Score: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Systems

redhat•jenkins
< 0:2.414.3.1698298955-3.el8
redhat•jenkins-2-plugins
< 0:4.11.1698299029-1.el8

References (53)

https://access.redhat.com/errata/RHSA-2023:6171
https://access.redhat.com/security/updates/classification/#critical
https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6171.json
https://access.redhat.com/security/cve/CVE-2022-1471
https://bugzilla.redhat.com/show_bug.cgi?id=2150009
https://www.cve.org/CVERecord?id=CVE-2022-1471
https://nvd.nist.gov/vuln/detail/CVE-2022-1471
https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2
https://access.redhat.com/security/cve/CVE-2022-29599
https://bugzilla.redhat.com/show_bug.cgi?id=2066479
https://www.cve.org/CVERecord?id=CVE-2022-29599
https://nvd.nist.gov/vuln/detail/CVE-2022-29599
https://access.redhat.com/security/cve/CVE-2022-42889
https://bugzilla.redhat.com/show_bug.cgi?id=2135435
https://www.cve.org/CVERecord?id=CVE-2022-42889
https://nvd.nist.gov/vuln/detail/CVE-2022-42889
https://blogs.apache.org/security/entry/cve-2022-42889
https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om
https://seclists.org/oss-sec/2022/q4/22
https://access.redhat.com/security/cve/CVE-2023-24422
https://bugzilla.redhat.com/show_bug.cgi?id=2164278
https://www.cve.org/CVERecord?id=CVE-2023-24422
https://nvd.nist.gov/vuln/detail/CVE-2023-24422
https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016
https://access.redhat.com/security/cve/CVE-2023-25761
https://bugzilla.redhat.com/show_bug.cgi?id=2170039
https://www.cve.org/CVERecord?id=CVE-2023-25761
https://nvd.nist.gov/vuln/detail/CVE-2023-25761
https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032
https://access.redhat.com/security/cve/CVE-2023-25762
https://bugzilla.redhat.com/show_bug.cgi?id=2170041
https://www.cve.org/CVERecord?id=CVE-2023-25762
https://nvd.nist.gov/vuln/detail/CVE-2023-25762
https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019
https://access.redhat.com/security/cve/CVE-2023-27903
https://bugzilla.redhat.com/show_bug.cgi?id=2177632
https://www.cve.org/CVERecord?id=CVE-2023-27903
https://nvd.nist.gov/vuln/detail/CVE-2023-27903
https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3058
https://access.redhat.com/security/cve/CVE-2023-27904
https://bugzilla.redhat.com/show_bug.cgi?id=2177634
https://www.cve.org/CVERecord?id=CVE-2023-27904
https://nvd.nist.gov/vuln/detail/CVE-2023-27904
https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2120
https://access.redhat.com/security/cve/CVE-2023-39325
https://bugzilla.redhat.com/show_bug.cgi?id=2243296
https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
https://www.cve.org/CVERecord?id=CVE-2023-39325
https://nvd.nist.gov/vuln/detail/CVE-2023-39325
https://access.redhat.com/security/cve/CVE-2023-44487
https://go.dev/issue/63417
https://pkg.go.dev/vuln/GO-2023-2102
https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487