VulnerableCode Package Details - pkg:maven/io.jenkins.blueocean/blueocean@1.27.5.1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/io.jenkins.blueocean/blueocean@1.27.5.1

purl	pkg:maven/io.jenkins.blueocean/blueocean@1.27.5.1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-j456-xdn6-xyej	Cross-Site Request Forgery (CSRF) A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.27.5 and earlier allows attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job.	CVE-2023-40341 GHSA-g4pq-p927-7pgg

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-02T17:00:06.402616+00:00	GHSA Importer	Fixing	VCID-j456-xdn6-xyej	https://github.com/advisories/GHSA-g4pq-p927-7pgg	38.1.0
2026-04-01T12:58:27.210952+00:00	GithubOSV Importer	Fixing	VCID-j456-xdn6-xyej	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/08/GHSA-g4pq-p927-7pgg/GHSA-g4pq-p927-7pgg.json	38.0.0