Permission Issues
CVE-2019-10357
Summary
A missing permission check in Jenkins Pipeline: Shared Groovy Libraries Plugin 2.14 and earlier allowed users with Overall/Read access to obtain limited information about the content of SCM repositories referenced by global libraries.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- LOW
- LOW
- NONE
CWE-275 - Permission Issues
Weaknesses in this category are related to improper assignment or handling of permissions.
References
Advisory Timeline
- Published