CVE-2023-40348: Jenkins Gogs Plugin vulnerable to unsafe default behavior and information disclosure
(updated )
The webhook endpoint in Jenkins Gogs Plugin 1.0.15 and earlier provides unauthenticated attackers information about the existence of jobs in its output.
References
Detect and mitigate CVE-2023-40348 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →