CVE-2018-1000110

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2018-1000110

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000110.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-1000110

Aliases

GHSA-46p2-fwqg-3h6m

Published

2018-03-13T13:29:00.640Z

Modified

2025-11-20T10:45:08.766788Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

An improper authorization vulnerability exists in Jenkins Git Plugin version 3.7.0 and earlier in GitStatus.java that allows an attacker with network access to obtain a list of nodes and users.

References

https://jenkins.io/security/advisory/2018-02-26/#SECURITY-723

Affected packages

Git / github.com/jenkinsci/git-plugin

Affected ranges

Type: GIT
Repo: https://github.com/jenkinsci/git-plugin
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

71282d76738d3d757ece18ffbe5611b8a39f8476

Affected versions

2.*

2.0-alpha-1

2.0-alpha-2

git-0.*

git-0.9

git-0.9.1

git-0.9.2

git-1.*

git-1.0

git-1.0.1

git-1.1

git-1.1.1

git-1.1.10

git-1.1.11

git-1.1.12

git-1.1.13

git-1.1.14

git-1.1.15

git-1.1.16

git-1.1.17

git-1.1.18

git-1.1.19

git-1.1.2

git-1.1.20

git-1.1.21

git-1.1.22

git-1.1.23

git-1.1.24

git-1.1.25

git-1.1.26

git-1.1.27

git-1.1.28

git-1.1.29

git-1.1.3

git-1.1.4

git-1.1.5

git-1.1.6

git-1.1.7

git-1.1.8

git-1.1.9

git-1.2.0

git-1.3.0

git-1.4.0

git-1.5.0

git-1.6.0-beta-1

git-2.*

git-2.0

git-2.0-beta-2

git-2.0-beta-3

git-2.0.1

git-2.0.2

git-2.0.3

git-2.0.4

git-2.1.0

git-2.2.0

git-2.2.1

git-2.3

git-2.3-beta-1

git-2.3-beta-2

git-2.3-beta-3

git-2.3-beta-4

git-2.3.1

git-2.3.2

git-2.3.3

git-2.3.4

git-2.3.5

git-2.4.0

git-2.4.1

git-2.4.2

git-2.4.3

git-2.4.4

git-2.5.0

git-2.5.0-beta2

git-2.5.0-beta3

git-2.5.0-beta4

git-2.5.0-beta5

git-2.5.1

git-2.5.2

git-2.5.3

git-2.6.0

git-3.*

git-3.0.0

git-3.0.0-beta1

git-3.0.0-beta2

git-3.0.1

git-3.0.2

git-3.0.2-beta-1

git-3.0.2-beta-2

git-3.0.3

git-3.0.4

git-3.0.5

git-3.1.0

git-3.2.0

git-3.3.0

git-3.3.1

git-3.3.2

git-3.4.0

git-3.4.0-alpha-1

git-3.4.0-alpha-4

git-3.4.0-beta-1

git-3.4.0-beta-2

git-3.4.1

git-3.5.0

git-3.5.1

git-3.6.0

git-3.6.1

git-3.6.2

git-3.6.3

git-3.6.4

git-3.7.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000110.json"