GHSA-w8wg-62wf-62gm, CVE-2022-45399
maven/org.zeroturnaround/cluster-stats
Missing Authorization
A missing permission check in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics.
All versions up to 0.4.6
Unfortunately, there is no solution available yet.
2022-11-22
source |