AVG-778 log
| Package | jenkins |
| Status | Fixed |
| Severity | Medium |
| Type | access restriction bypass |
| Affected | 2.145-1 |
| Fixed | 2.146-1 |
| Current | 2.485-1 [extra] |
| Ticket | None |
| Created | Thu Oct 11 07:18:38 2018 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2018-1999043 | Medium | Yes | Access restriction bypass | A security issue has been found in Jenkins version prior to 2.146. When attempting to authenticate using API token, an ephemeral user record was created to... |
| References |
|---|
https://jenkins.io/security/advisory/2018-10-10/ |
| Notes |
|---|
Several issues in this advisory, only one with a CVE at the moment, others are "pending". |