Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2023-40343
CVE-2023-40343
Jenkins Tuleap Authentication Plugin 1.1.20 and earlier uses a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token.
Published Feb 3, 2026
https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3229
CVSS Score
Medium
5.9
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
maven
io.jenkins.plugins/tuleap-oauth
1.0.0
maven
io.jenkins.plugins/tuleap-oauth
1.1.0
maven
io.jenkins.plugins/tuleap-oauth
1.1.10
maven
io.jenkins.plugins/tuleap-oauth
1.1.11
maven
io.jenkins.plugins/tuleap-oauth
1.1.12
maven
io.jenkins.plugins/tuleap-oauth
1.1.13
maven
io.jenkins.plugins/tuleap-oauth
1.1.14
maven
io.jenkins.plugins/tuleap-oauth
1.1.15
maven
io.jenkins.plugins/tuleap-oauth
1.1.16
maven
io.jenkins.plugins/tuleap-oauth
1.1.17
maven
io.jenkins.plugins/tuleap-oauth
1.1.18
maven
io.jenkins.plugins/tuleap-oauth
1.1.19
maven
io.jenkins.plugins/tuleap-oauth
1.1.1
maven
io.jenkins.plugins/tuleap-oauth
1.1.20
maven
io.jenkins.plugins/tuleap-oauth
1.1.3
maven
io.jenkins.plugins/tuleap-oauth
1.1.4
maven
io.jenkins.plugins/tuleap-oauth
1.1.5
maven
io.jenkins.plugins/tuleap-oauth
1.1.6
maven
io.jenkins.plugins/tuleap-oauth
1.1.7
maven
io.jenkins.plugins/tuleap-oauth
1.1.9
1-20 of 20
CVE-2023-40343 | Components Impacted | Sonatype Guide | Sonatype Guide
