CVE-2018-1999003 - log back

CVE-2018-1999003 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ The URLs handling cancellation of queued builds in Jenkins before 2.133 did not perform a permission check, allowing users with Overall/Read permission to cancel queued builds.
References
+ https://jenkins.io/security/advisory/2018-07-18/
Notes