Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2019-10357

Published: 31/07/2019 Updated: 25/10/2023
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
Subscribe to Jenkins

Vulnerability Summary

A missing permission check in Jenkins Pipeline: Shared Groovy Libraries Plugin 2.14 and previous versions allowed users with Overall/Read access to obtain limited information about the content of SCM repositories referenced by global libraries.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

jenkins pipeline\\ shared_groovy_libraries

redhat openshift container platform 3.11

redhat openshift container platform 4.1

Vendor Advisories

Red Hat: Important: Red Hat OpenShift Container Platform 3.11 jenkins-2-plugins security update
Synopsis Important: Red Hat OpenShift Container Platform 311 jenkins-2-plugins security update Type/Severity Security Advisory: Important Topic An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 311Red Hat Product Security has rated this update as having a security ...
Red Hat: Important: Red Hat OpenShift Container Platform 4.1 jenkins-2-plugins security update
Synopsis Important: Red Hat OpenShift Container Platform 41 jenkins-2-plugins security update Type/Severity Security Advisory: Important Topic An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 41Red Hat Product Security has rated this update as having a security im ...
Red Hat: Important: OpenShift Container Platform 4.1.14 security and bug fix update
Synopsis Important: OpenShift Container Platform 4114 security and bug fix update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat OpenShift Container Platform 41Red Hat Product Security has rated this update as having a security impact of Important A Common Vulne ...
Red Hat: CVE-2019-10357
Impact: Moderate Public Date: 2019-08-01 CWE: CWE-284 Bugzilla: 1735521: CVE-2019-10357 jenkins-plugin- ...

References

CWE-862https://jenkins.io/security/advisory/2019-07-31/#SECURITY1422http://www.openwall.com/lists/oss-security/2019/07/31/1https://access.redhat.com/errata/RHSA-2019:2651https://access.redhat.com/errata/RHSA-2019:2594https://access.redhat.com/errata/RHSA-2019:2662https://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2019:2651https://access.redhat.com/security/cve/cve-2019-10357
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook