Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2024-23905
CVE-2024-23905
Jenkins Red Hat Dependency Analytics Plugin 0.7.1 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.
Published Feb 3, 2026
https://github.com/advisories/GHSA-x22x-5pp9-8v7f
CVSS Score
Medium
5.4
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
maven
io.jenkins.plugins/redhat-dependency-analytics
0.7.0
maven
io.jenkins.plugins/redhat-dependency-analytics
0.7.1
1-2 of 2
CVE-2024-23905 | Components Impacted | Sonatype Guide | Sonatype Guide
