CVE-2018-1999037

2022-10-0316:22:22

mitre

www.cve.org

jenkins

resource disposer plugin

data modification

vulnerability

asyncresourcedisposer.java

4.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.0%

JSON

A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a resource.

References

jenkins.io/security/advisory/2018-07-30/#SECURITY-997