AVG-778 log

Package jenkins
Status Fixed
Severity Medium
Type access restriction bypass
Affected 2.145-1
Fixed 2.146-1
Current 2.491-1 [extra]
Ticket None
Created Thu Oct 11 07:18:38 2018
Issue Severity Remote Type Description
CVE-2018-1999043 Medium Yes Access restriction bypass
A security issue has been found in Jenkins version prior to 2.146. When attempting to authenticate using API token, an ephemeral user record was created to...
References
https://jenkins.io/security/advisory/2018-10-10/
Notes
Several issues in this advisory, only one with a CVE at the moment, others are "pending".