Lucene search
GoogleOSV:GHSA-25G4-P347-X748HistoryMay 24, 2022 - 5:30 p.m.
Improper authorization due to caching in Jenkins Role-based Authorization Strategy Plugin
2022-05-2417:30:18
Google
osv.dev
12
jenkins
role-based authorization
cache
permission lookups
configuration changes
EPSS
0.003
Percentile
69.8%
Role-based Authorization Strategy Plugin 2.12 and newer uses a cache to speed up permission lookups. Role-based Authorization Strategy Plugin 3.0 and earlier this cache is not invalidated properly when an administrator changes the permission configuration. This can result in permissions being granted long after the configuration was changed to no longer grant them. Role-based Authorization Strategy Plugin 3.1 properly invalidates the cache on configuration changes.
Related
osv
osv
CVE-2020-2286
2020-10-08 13:15:11
cvelist
cvelist
CVE-2020-2286
2020-10-08 12:40:24
prion
prion
Default configuration
2020-10-08 13:15:00
github
github
cve
cve
CVE-2020-2286
2020-10-08 13:15:11
nvd
nvd
CVE-2020-2286
2020-10-08 13:15:11
alpinelinux
alpinelinux
CVE-2020-2286
2020-10-08 13:15:11