Описание
Incorrect Permission Assignment for Critical Resource in Jenkins
In Jenkins before versions 2.44, 2.32.2 low privilege users were able to override JDK download credentials (SECURITY-392), resulting in future builds possibly failing to download a JDK.
Пакеты
org.jenkins-ci.main:jenkins-core
< 2.32.2
2.32.2
org.jenkins-ci.main:jenkins-core
>= 2.34, < 2.44
2.44
Связанные уязвимости
In Jenkins before versions 2.44, 2.32.2 low privilege users were able to override JDK download credentials (SECURITY-392), resulting in future builds possibly failing to download a JDK.
In Jenkins before versions 2.44, 2.32.2 low privilege users were able to override JDK download credentials (SECURITY-392), resulting in future builds possibly failing to download a JDK.
In Jenkins before versions 2.44, 2.32.2 low privilege users were able to override JDK download credentials (SECURITY-392), resulting in future builds possibly failing to download a JDK.
In Jenkins before versions 2.44, 2.32.2 low privilege users were able ...