Lucene search

Cross-Site Request Forgery in Jenkins

🗓️ 24 May 2022 16:30:50Reported by GitHub Advisory DatabaseType

Cross-Site Request Forgery in Jenkins - CSRF tokens do not expir

Reporter	Title	Published	Views	Family All 19
OSV	Cross-Site Request Forgery in Jenkins	24 May 202216:50	–	osv
OSV	CVE-2019-10353	17 Jul 201916:15	–	osv
OSV	RHSA-2019:2548 Red Hat Security Advisory: OpenShift Container Platform 4.1 jenkins security update	16 Sep 202402:46	–	osv
OSV	RHSA-2019:2503 Red Hat Security Advisory: OpenShift Container Platform 3.11 jenkins security update	16 Sep 202402:45	–	osv
NVD	CVE-2019-10353	17 Jul 201916:15	–	nvd
Cvelist	CVE-2019-10353	17 Jul 201915:45	–	cvelist
Prion	Cross site request forgery (csrf)	17 Jul 201916:15	–	prion
RedhatCVE	CVE-2019-10353	17 Jul 201919:52	–	redhatcve
Veracode	Cross-Site Request Forgery (CSRF)	16 Aug 201900:17	–	veracode
CVE	CVE-2019-10353	17 Jul 201916:15	–	cve

Vulners

Node

org.jenkins\-ci.main jenkins\-coreRange2.177–2.185

org.jenkins\-ci.main jenkins\-coreRange≤2.176.1

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2019-10353
jenkins	www.jenkins.io/security/advisory/2019-07-17/
access	www.access.redhat.com/errata/RHSA-2019:2503
access	www.access.redhat.com/errata/RHSA-2019:2548
openwall	www.openwall.com/lists/oss-security/2019/07/17/2
github	www.github.com/jenkinsci/jenkins/commit/772152315aa0a9ba27b812a4ba0f3f9b64af78d9
github	www.github.com/advisories/GHSA-hcxf-rq72-h4rr

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 May 2022 16:50Current

5.1Medium risk

Vulners AI Score5.1

CVSS25.1

CVSS37.5

EPSS0.00288

CWE-352