Lucene search
GoogleOSV:GHSA-HCXF-RQ72-H4RRHistoryMay 24, 2022 - 4:50 p.m.
Cross-Site Request Forgery in Jenkins
2022-05-2416:50:30
Google
osv.dev
6
0.002 Low
EPSS
Percentile
55.9%
CSRF tokens in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier did not expire, thereby allowing attackers able to obtain them to bypass CSRF protection.
References
Related
cvelist
cvelist
CVE-2019-10353
2019-07-17 15:45:13
nvd
nvd
CVE-2019-10353
2019-07-17 16:15:12
veracode
veracode
Cross-Site Request Forgery (CSRF)
2019-08-16 00:17:48
osv
osv
CVE-2019-10353
2019-07-17 16:15:12
github
github
Cross-Site Request Forgery in Jenkins
2022-05-24 16:50:30
cve
cve
CVE-2019-10353
2019-07-17 16:15:12
redhatcve
redhatcve
CVE-2019-10353
2019-07-17 19:52:05
prion
prion
Cross site request forgery (csrf)
2019-07-17 16:15:00
openvas
openvas
Jenkins < 2.186 and < 2.176.2 LTS Multiple Vulnerabilities - Linux
2019-07-31 00:00:00
Jenkins < 2.186 and < 2.176.2 LTS Multiple Vulnerabilities - Windows
2019-07-31 00:00:00
nessus
nessus
RHEL 7 : OpenShift Container Platform 3.11 jenkins (RHSA-2019:2503)
2019-08-20 00:00:00
RHEL 7 : OpenShift Container Platform 4.1 jenkins (RHSA-2019:2548)
2019-08-30 00:00:00
Jenkins < 2.176.2 LTS / 2.186 Multiple Vulnerabilities
2019-07-26 00:00:00
redhat
redhat
freebsd
freebsd
jenkins -- multiple vulnerabilities
2019-07-17 00:00:00