CVE-2018-1999003 log

Severity Medium
Remote Yes
Type Access restriction bypass
The URLs handling cancellation of queued builds in Jenkins before 2.133 did not perform a permission check, allowing users with Overall/Read permission to cancel queued builds.
Group Package Affected Fixed Severity Status Ticket
AVG-738 jenkins 2.132-1 2.133-1 High Fixed
Date Advisory Group Package Severity Type
21 Jul 2018 ASA-201807-14 AVG-738 jenkins High multiple issues