AVG-778 log
Package | jenkins |
Status | Fixed |
Severity | Medium |
Type | access restriction bypass |
Affected | 2.145-1 |
Fixed | 2.146-1 |
Current | 2.491-1 [extra] |
Ticket | None |
Created | Thu Oct 11 07:18:38 2018 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2018-1999043 | Medium | Yes | Access restriction bypass | A security issue has been found in Jenkins version prior to 2.146. When attempting to authenticate using API token, an ephemeral user record was created to... |
References |
---|
https://jenkins.io/security/advisory/2018-10-10/ |
Notes |
---|
Several issues in this advisory, only one with a CVE at the moment, others are "pending". |