Lucene search
K

5 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:8 a.m.6 views

SUSE CVE-2019-16539

A missing permission check in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete support bundles...

6.5CVSS6.3AI score0.00715EPSS
Exploits0References3
OSV
OSV
added 2022/05/24 5:1 p.m.4 views

GHSA-2CXG-448H-4WXJ Jenkins Support Core Plugin allowed users with Overall/Read permission to delete arbitrary files

Jenkins Support Core Plugin did not validate the paths submitted for the "Delete Support Bundles" feature. This allowed users to delete arbitrary files on the Jenkins controller file system accessible to the OS user account running Jenkins. Additionally, this endpoint did not perform a permission...

7.1CVSS6AI score0.01606EPSS
Exploits0References5
NVD
NVD
added 2019/11/21 3:15 p.m.25 views

CVE-2019-16539

A missing permission check in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete support bundles...

6.5CVSS6.3AI score0.00715EPSS
Exploits0References2
OSV
OSV
added 2019/11/21 3:15 p.m.16 views

CVE-2019-16539

A missing permission check in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete support bundles...

6.5CVSS6.6AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2019/11/21 12:0 a.m.5 views

PT-2019-14696 · Jenkins · Jenkins Support Core Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Support Core Plugin versions 2.63 and earlier Description: A path traversal issue allows attackers with Overall/Read permission to delete arbitrary files on the Jenkins master. The vulnerability arises from the lack of validation of...

7.1CVSS6.3AI score0.01606EPSS
Exploits0References7
Rows per page
Query Builder