Approved changes feed: RSS · Atom

cpe:2.3:a:servicenow:jenkins_plug-in_for_servicenow_devops:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorServicenow (0282357a-abe6-5eb0-ac66-0fd9d8780053)
ProductJenkins Plug In For Servicenow Devops (1fc5a304-4c88-58e5-9090-b0dde169a350)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-3442 vulnerable 2026-06-08 06:09:39.570002 Missing Authorization in Jenkins plug-in for ServiceNow DevOps
HIGH (7.7)
A missing authorization vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow DevOps on your Jenkins server. No changes are required on your instances of the Now Platform.
Published: 2023-07-26T18:32:19.787Z
Updated: 2024-10-15T15:53:14.154Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-3414 vulnerable 2026-06-08 06:09:39.511462 Cross-Site Request Forgery (CSRF) in Jenkins Plug-in for ServiceNow DevOps
MEDIUM (6.1)
A cross-site request forgery vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow DevOps on your Jenkins server. No changes are required on your instances of the Now Platform.
Published: 2023-07-26T18:20:18.253Z
Updated: 2024-10-15T15:54:57.698Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.