Description
A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugin 1.50.1 and earlier allows attackers to provision instances.
Remediation
References
https://jenkins.io/security/advisory/2020-05-06/#SECURITY-1408
http://www.openwall.com/lists/oss-security/2020/05/06/3
Related Vulnerabilities
CVE-2023-6927 Vulnerability in maven package org.keycloak:keycloak-common
CVE-2017-3589 Vulnerability in maven package mysql:mysql-connector-java
CVE-2021-23267 Vulnerability in maven package org.craftercms:crafter-engine
CVE-2023-36478 Vulnerability in maven package org.eclipse.jetty.http2:http2-hpack
CVE-2022-31194 Vulnerability in maven package org.dspace:dspace-jspui