Ãë¾àÁ¡ID |
210269 |
À§Çèµµ |
40 |
Æ÷Æ® |
80, ... |
ÇÁ·ÎÅäÄÝ |
TCP |
ºÐ·ù |
WWW |
»ó¼¼¼³¸í |
ÀÚü º¸°íµÈ ¹öÀü ¹øÈ£¿¡ µû¸£¸é ¿ø°Ý À¥ ¼¹ö¿¡¼ ½ÇÇàµÇ´Â Jenkins ¹öÀüÀº 2.426.3 ÀÌÀüÀÇ Jenkins LTS ¶Ç´Â 2.442 ÀÌÀüÀÇ Jenkins weeklyÀÔ´Ï´Ù. µû¶ó¼ ´ÙÀ½°ú °°Àº ¿©·¯ Ãë¾àÁ¡ÀÇ ¿µÇâÀ» ¹Þ½À´Ï´Ù.
- Jenkins 2.441 ÀÌÀü, LTS 2.426.2 ÀÌÀü¿¡´Â ÆÄÀÏ ³»¿ëÀÌ ÀÖ´Â Àμö¿¡¼ µÚ¿¡ ÆÄÀÏ °æ·Î°¡ ÀÖ´Â '@' ¹®ÀÚ¸¦ ´ëüÇÏ´Â CLI ¸í·É ±¸¹® ºÐ¼®±âÀÇ ±â´ÉÀ» ºñÈ°¼ºÈÇÏÁö ¾Ê½À´Ï´Ù. ÀÌ·Î ÀÎÇØ ÀÎÁõµÇÁö ¾ÊÀº °ø°ÝÀÚ°¡ Jenkins ÄÁÆ®·Ñ·¯ ÆÄÀÏ ½Ã½ºÅÛÀÇ ¸ðµç ÆÄÀÏÀ» ÀÐÀ» ¼ö ÀÖ½À´Ï´Ù. (CVE-2024-23897) - Jenkins 2.217 ~ 2.441 (µÑ ´Ù Æ÷ÇÔ) , Å©·Î½º »çÀÌÆ® WebSocket Å»Ãë (CSWSH) Ãë¾àÁ¡ÀÌ ¹ß»ýÇÏ°í °ø°ÝÀÚ°¡ Jenkins ÄÁÆ®·Ñ·¯¿¡¼ CLI ¸í·ÉÀ» ½ÇÇàÇÒ ¼ö ÀÖ½À´Ï´Ù. (CVE-2024-23898)
* Âü°í »çÀÌÆ®: https://jenkins.io/security/advisory/2024-01-24
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû: Jenkins 2.442 ÀÌÇÏ ¹öÀü Any operating system Any version |
ÇØ°áÃ¥ |
Jenkins À¥ »çÀÌÆ®ÀÎ https://jenkins.io/download ¿¡¼ ±¸ÇÒ ¼ö ÀÖ´Â JenkinsÀÇ °¡Àå ÃֽŠ¹öÀü(2.442 ȤÀº ÀÌÈÄ)À¸·Î ¾÷±×·¹À̵å ÇÑ´Ù. |
°ü·Ã URL |
CVE-2024-23897,CVE-2024-23898 (CVE) |
°ü·Ã URL |
(SecurityFocus) |
°ü·Ã URL |
(ISS) |
|