Lucene search

GoogleOSV:CVE-2019-10357

HistoryJul 31, 2019 - 1:15 p.m.

CVE-2019-10357

2019-07-3113:15:12

Google

osv.dev

AI Score

6.1

Confidence

High

EPSS

0.002

Percentile

55.2%

JSON

A missing permission check in Jenkins Pipeline: Shared Groovy Libraries Plugin 2.14 and earlier allowed users with Overall/Read access to obtain limited information about the content of SCM repositories referenced by global libraries.

References

www.openwall.com/lists/oss-security/2019/07/31/1

access.redhat.com/errata/RHSA-2019:2594

access.redhat.com/errata/RHSA-2019:2651

access.redhat.com/errata/RHSA-2019:2662

jenkins.io/security/advisory/2019-07-31/#SECURITY1422