mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
67 lines
2.1 KiB
JSON
67 lines
2.1 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2019-10375",
|
|
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Jenkins project",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Jenkins File System SCM Plugin",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "2.1 and earlier"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "An arbitrary file read vulnerability in Jenkins File System SCM Plugin 2.1 and earlier allows attackers able to configure jobs in Jenkins to obtain the contents of any file on the Jenkins master."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-22"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"refsource": "MLIST",
|
|
"name": "[oss-security] 20190807 Multiple vulnerabilities in Jenkins plugins",
|
|
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
|
|
},
|
|
{
|
|
"url": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-569",
|
|
"refsource": "CONFIRM",
|
|
"name": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-569"
|
|
}
|
|
]
|
|
}
|
|
} |