admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 14:08:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add affected versions in description

Browse Source
This commit is contained in:
Daniel Beck 2019-04-10 17:57:42 +02:00
parent e8461f41fc
commit 0dacc97f6a
No known key found for this signature in database
GPG Key ID: 86E30187A0C5D16A
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2019/1003xxx/CVE-2019-1003049.json
View File

@ -33,7 +33,7 @@
"description_data": [
{
"lang": "eng",
"value": "Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches."
"value": "Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches."
}
]
},

2
2019/1003xxx/CVE-2019-1003050.json
View File

@ -33,7 +33,7 @@
"description_data": [
{
"lang": "eng",
"value": "A form control for the Jenkins UI did not properly escape job URLs, resulting in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job names."
"value": "A form control for the Jenkins UI did not properly escape job URLs in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, resulting in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job names."
}
]
},