2 matches found
CVE-2019-10330
Summary: CVE-2019-10330 affects the Jenkins Gitea Plugin, versions 1.1.1 and earlier. The root cause is that the plugin did not implement trusted revisions, enabling attackers without commit access to the Git repository to modify Jenkinsfiles, even when Jenkins treated them as untrusted. Impact: ...
CVE-2019-10330
Jenkins Gitea Plugin 1.1.1 and earlier did not implement trusted revisions, allowing attackers without commit access to the Git repo to change Jenkinsfiles even if Jenkins is configured to consider them to be untrusted...