CVE-2019-10409

Missing Authorization in maven/hudson.plugins/project-inheritance

Identifiers

GHSA-gpmw-h4wq-4rch, CVE-2019-10409

Package Slug

maven/hudson.plugins/project-inheritance

Vulnerability

Missing Authorization

Description

A missing permission check in Jenkins Project Inheritance Plugin 2.0.0 and earlier allowed attackers with Overall/Read permission to trigger project generation from templates.

Affected Versions

All versions before 19.08.02

Solution

Upgrade to version 19.08.02 or above.

Last Modified

2024-01-31

source