CVE-2019-1003080

2019-04-0416:29:01

Google

osv.dev

6.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.3%

JSON

A cross-site request forgery vulnerability in Jenkins OpenShift Deployer Plugin in the DeployApplication.DeployApplicationDescriptor#doCheckLogin form validation method allows attackers to initiate a connection to an attacker-specified server.

CPENameOperatorVersion
openshift-deployer-plugineq1.1.0
openshift-deployer-plugineq1.0.1
openshift-deployer-plugineq1.0.2
openshift-deployer-plugineq1.1.1
openshift-deployer-plugineq1.0.3
openshift-deployer-plugineq1.2.0
openshift-deployer-plugineq1.0.4

Name	Operator	Version
openshift-deployer-plugin	eq	1.1.0
openshift-deployer-plugin	eq	1.0.1
openshift-deployer-plugin	eq	1.0.2
openshift-deployer-plugin	eq	1.1.1
openshift-deployer-plugin	eq	1.0.3
openshift-deployer-plugin	eq	1.2.0
openshift-deployer-plugin	eq	1.0.4