发布于3月6日3月6日 Members FreeBSD: VID-F68BB358-BE8E-11ED-9215-00E081B7AA2D (CVE-2023-27901): jenkins -- multiple vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 03/08/2023 Created 03/24/2023 Added 03/23/2023 Modified 01/28/2025 Description Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in org.kohsuke.stapler.RequestImpl, allowing attackers to trigger a denial of service. Solution(s) freebsd-upgrade-package-jenkins freebsd-upgrade-package-jenkins-lts References CVE-2023-27901
