← volver
CVE-2019-10354

CVE-2019-10354

EPSS 1.6%
A vulnerability in the Stapler web framework used in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier allowed attackers to access view fragments directly, bypassing permission checks and possibly obtain sensitive information.
Productos afectados
Jenkins project · Jenkins

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://access.redhat.com/errata/RHSA-2019:2503https://access.redhat.com/errata/RHSA-2019:2548https://jenkins.io/security/advisory/2019-07-17/#SECURITY-534http://www.openwall.com/lists/oss-security/2019/07/17/2http://www.securityfocus.com/bid/109373