What is RHSA-2023:6171?

RHSA-2023:6171 is a security advisory published by Red Hat Product Security with Critical severity. Red Hat Security Advisory: Red Hat Product OCP Tools 4.11 Openshift Jenkins security update

What is the CVSS v3 score of RHSA-2023:6171?

RHSA-2023:6171 has a CVSS v3 base score of 9.8, published by Red Hat Product Security.

RHSA-2023:6171CriticalCVSS 9.8

Red Hat Security Advisory: Red Hat Product OCP Tools 4.11 Openshift Jenkins security update

Vendor

Red Hat Product Security

Published

October 30, 2023

Last Modified

May 23, 2026

🔗 CVE IDs covered (9)

CVE-2023-25761 →CVE-2023-25762 →CVE-2023-39325 →CVE-2022-1471 →CVE-2022-29599 →CVE-2022-42889 →CVE-2023-24422 →CVE-2023-27903 →CVE-2023-27904 →

📋 Description

CVE-2022-1471 — SnakeYaml: Constructor Deserialization Remote Code Execution CVE-2022-29599 — maven-shared-utils: Command injection via Commandline class CVE-2022-42889 — apache-commons-text: variable interpolation RCE CVE-2023-24422 — jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin CVE-2023-25761 — jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin CVE-2023-25762 — jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin CVE-2023-27903 — Jenkins: Temporary file parameter created with insecure permissions CVE-2023-27904 — Jenkins: Information disclosure through error stack traces related to agents CVE-2023-39325 — golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)

🔗 CVE IDs covered (9)

📋 Description

🔗 References (3)