Количество 2
Количество 2
CVE-2018-1000197
An improper authorization vulnerability exists in Jenkins Black Duck Hub Plugin 3.0.3 and older in PostBuildScanDescriptor.java that allows users with Overall/Read permission to read and write the Black Duck Hub plugin configuration.
GHSA-crvq-mw2w-4cfx
Jenkins Black Duck Hub Plugin allowed any user with Overall/Read to read and write its configuration
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-1000197 An improper authorization vulnerability exists in Jenkins Black Duck Hub Plugin 3.0.3 and older in PostBuildScanDescriptor.java that allows users with Overall/Read permission to read and write the Black Duck Hub plugin configuration. | CVSS3: 8.1 | 0% Низкий | больше 7 лет назад |
| GHSA-crvq-mw2w-4cfx Jenkins Black Duck Hub Plugin allowed any user with Overall/Read to read and write its configuration | CVSS3: 8.1 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу