Lucene search
GoogleOSV:GHSA-8QXP-G8JV-P37XHistoryMay 13, 2022 - 1:05 a.m.
Improper Authorization in Jenkins Core
2022-05-1301:05:22
Google
osv.dev
9
0.003 Low
EPSS
Percentile
66.2%
An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java that allows attackers to extend the duration of active HTTP sessions indefinitely even though the user account may have been deleted in the mean time.
Related
nvd
nvd
CVE-2019-1003004
2019-01-22 14:29:00
CVE-2019-1003049
2019-04-10 21:29:01
osv
osv
CVE-2019-1003004
2019-01-22 14:29:00
Insufficient Session Expiration in Jenkins
2022-05-13 01:01:01
CVE-2019-1003049
2019-04-10 21:29:01
cvelist
cvelist
CVE-2019-1003004
2019-01-22 14:00:00
CVE-2019-1003049
2019-04-10 20:12:29
cve
cve
CVE-2019-1003004
2019-01-22 14:29:00
CVE-2019-1003049
2019-04-10 21:29:01
redhatcve
redhatcve
CVE-2019-1003004
2020-04-09 10:33:33
CVE-2019-1003049
2019-04-15 03:50:05
github
github
Improper Authorization in Jenkins Core
2022-05-13 01:05:22
Insufficient Session Expiration in Jenkins
2022-05-13 01:01:01
veracode
veracode
Insecure Session Management
2019-05-16 03:24:12
prion
prion
Authorization
2019-01-22 14:29:00
Authentication flaw
2019-04-10 21:29:00
alpinelinux
alpinelinux
CVE-2019-1003049
2019-04-10 21:29:01
openvas
openvas
Jenkins < 2.160 and < 2.150.2 LTS Multiple Vulnerabilities - Linux
2019-01-23 00:00:00
Jenkins < 2.160 and < 2.150.2 LTS Multiple Vulnerabilities - Windows
2019-01-23 00:00:00
Jenkins < 2.164.2 LTS and < 2.172 Multiple Vulnerabilities - Linux
2019-04-17 00:00:00
nessus
nessus
Jenkins < 2.150.2 LTS / 2.160 Multiple Vulnerabilities
2019-01-23 00:00:00