CVE-2019-10330

Summary

Jenkins Gitea Plugin 1.1.1 and earlier did not implement trusted revisions, allowing attackers without commit access to the Git repo to change Jenkinsfiles even if Jenkins is configured to consider them to be untrusted.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Gitea Plugin1.1.1 and earlieraffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References