CVE-2019-10330
N/A
N/A
Summary
Jenkins Gitea Plugin 1.1.1 and earlier did not implement trusted revisions, allowing attackers without commit access to the Git repo to change Jenkinsfiles even if Jenkins is configured to consider them to be untrusted.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Jenkins project | Jenkins Gitea Plugin | 1.1.1 and earlier | affected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- http://www.openwall.com/lists/oss-security/2019/05/31/2
- http://www.securityfocus.com/bid/108540
- https://jenkins.io/security/advisory/2019-05-31/#SECURITY-1046
References
- http://www.openwall.com/lists/oss-security/2019/05/31/2
- http://www.securityfocus.com/bid/108540
- https://jenkins.io/security/advisory/2019-05-31/#SECURITY-1046
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.