Skip to main content

Permission Issues

CVE-2019-10357

Severity Medium
Score 4.3/10

Summary

A missing permission check in Jenkins Pipeline: Shared Groovy Libraries Plugin 2.14 and earlier allowed users with Overall/Read access to obtain limited information about the content of SCM repositories referenced by global libraries.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • LOW
  • LOW
  • NONE

CWE-275 - Permission Issues

Weaknesses in this category are related to improper assignment or handling of permissions.

Advisory Timeline

  • Published