|Created||Tue Jul 23 08:07:42 2019|
|CVE-2019-10354||High||Yes||Access restriction bypass||
A security issue has been found in Jenkins before 2.186. Jenkins uses the Stapler web framework to render its UI views. These views are frequently comprised...
|CVE-2019-10353||High||Yes||Cross-site request forgery||
By default, CSRF tokens in Jenkins before 2.186 only checked user authentication and IP address. This allowed attackers able to obtain a CSRF token for...
|CVE-2019-10352||High||Yes||Arbitrary file overwrite||
A vulnerability has been found in Jenkins before 2.186, where users with Job/Configure permission could specify a relative path escaping the base directory...