CVE-2018-1999002

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2018-1999002

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1999002.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-1999002

Aliases

GHSA-qf38-f2fr-q4x9

Published

2018-07-23T19:29:00.267Z

Modified

2026-04-10T04:07:38.624754Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

A arbitrary file read vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework's org/kohsuke/stapler/Stapler.java that allows attackers to send crafted HTTP requests returning the contents of any file on the Jenkins master file system that the Jenkins master has access to.

References

Affected packages

Git / github.com/jenkinsci/jenkins

Affected ranges

Type

GIT

Repo

https://github.com/jenkinsci/jenkins

Events

Introduced

Last affected

8a653f84283b1729d0ecd25138d472de83af1b6d

Introduced

261ddc1c9a610bffa61b6e9f559a27c363216f6d

Last affected

85354aad981e4115f8f2d0c9e66b43c31dd22810

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.121.1"
        },
        {
            "introduced": "2.122"
        },
        {
            "last_affected": "2.132"
        }
    ]
}

Affected versions

1.*

1.324-rc

1.325-rc

1.327-rc

1.328-rc

Other

builds/101

builds/102

builds/103

builds/104

builds/105

builds/106

builds/107

builds/108

builds/109

builds/110

builds/112

builds/113

builds/114

builds/115

builds/116

builds/117

builds/118

builds/119

builds/120

builds/121

builds/122

builds/123

builds/124

builds/125

builds/126

builds/127

builds/128

builds/130

builds/131

builds/132

builds/133

builds/134

builds/135

builds/136

builds/137

builds/138

builds/139

builds/140

builds/141

builds/142

builds/143

builds/144

builds/145

builds/146

builds/147

builds/148

builds/149

builds/150

builds/151

builds/152

builds/153

builds/154

builds/155

builds/156

builds/157

builds/158

builds/16

builds/160

builds/161

builds/162

builds/163

builds/164

builds/165

builds/166

builds/168

builds/169

builds/17

builds/170

builds/171

builds/172

builds/173

builds/174

builds/176

builds/177

builds/179

builds/18

builds/180

builds/181

builds/182

builds/183

builds/184

builds/185

builds/186

builds/187

builds/188

builds/189

builds/190

builds/191

builds/192

builds/193

builds/194

builds/195

builds/196

builds/197

builds/198

builds/199

builds/2

builds/200

builds/201

builds/202

builds/203

builds/204

builds/205

builds/206

builds/207

builds/209

builds/21

builds/210

builds/211

builds/212

builds/213

builds/214

builds/215

builds/216

builds/217

builds/218

builds/219

builds/22

builds/220

builds/221

builds/222

builds/223

builds/224

builds/225

builds/227

builds/228

builds/229

builds/23

builds/230

builds/231

builds/232

builds/233

builds/234

builds/235

builds/236

builds/237

builds/238

builds/239

builds/24

builds/240

builds/241

builds/242

builds/243

builds/244

builds/245

builds/247

builds/248

builds/249

builds/250

builds/251

builds/254

builds/255

builds/256

builds/257

builds/258

builds/259

builds/26

builds/260

builds/262

builds/264

builds/265

builds/266

builds/267

builds/268

builds/269

builds/27

builds/270

builds/271

builds/272

builds/273

builds/274

builds/275

builds/276

builds/277

builds/278

builds/279

builds/28

builds/280

builds/281

builds/282

builds/284

builds/285

builds/286

builds/287

builds/288

builds/29

builds/290

builds/291

builds/293

builds/294

builds/295

builds/296

builds/297

builds/298

builds/299

builds/30

builds/300

builds/301

builds/302

builds/303

builds/304

builds/305

builds/306

builds/31

builds/32

builds/33

builds/338

builds/339

builds/34

builds/340

builds/341

builds/342

builds/343

builds/344

builds/345

builds/346

builds/348

builds/35

builds/350

builds/352

builds/353

builds/355

builds/356

builds/357

builds/358

builds/359

builds/36

builds/361

builds/363

builds/37

builds/370

builds/371

builds/372

builds/39

builds/40

builds/41

builds/42

builds/43

builds/44

builds/46

builds/47

builds/48

builds/49

builds/50

builds/51

builds/52

builds/53

builds/54

builds/55

builds/56

builds/77

builds/81

builds/82

builds/83

builds/85

builds/86

builds/89

builds/90

builds/92

builds/93

builds/94

changes/101

changes/102

changes/103

changes/104

changes/105

changes/106

changes/107

changes/108

changes/109

changes/110

changes/113

changes/114

changes/115

changes/116

changes/117

changes/118

changes/119

changes/120

changes/121

changes/122

changes/123

changes/124

changes/125

changes/126

changes/127

changes/128

changes/130

changes/131

changes/132

changes/133

changes/134

changes/135

changes/136

changes/137

changes/138

changes/139

changes/140

changes/141

changes/142

changes/143

changes/144

changes/145

changes/146

changes/147

changes/148

changes/149

changes/150

changes/151

changes/152

changes/153

changes/154

changes/155

changes/156

changes/157

changes/158

changes/16

changes/161

changes/162

changes/163

changes/164

changes/165

changes/166

changes/169

changes/17

changes/170

changes/171

changes/172

changes/173

changes/174

changes/176

changes/177

changes/179

changes/18

changes/180

changes/181

changes/182

changes/183

changes/184

changes/185

changes/186

changes/187

changes/188

changes/189

changes/190

changes/191

changes/192

changes/193

changes/194

changes/195

changes/196

changes/197

changes/198

changes/199

changes/2

changes/20

changes/200

changes/201

changes/202

changes/203

changes/204

changes/205

changes/206

changes/207

changes/209

changes/21

changes/210

changes/211

changes/212

changes/213

changes/214

changes/215

changes/216

changes/217

changes/218

changes/22

changes/220

changes/221

changes/222

changes/223

changes/224

changes/225

changes/228

changes/229

changes/23

changes/230

changes/231

changes/232

changes/233

changes/234

changes/235

changes/236

changes/237

changes/238

changes/239

changes/24

changes/240

changes/241

changes/242

changes/243

changes/244

changes/245

changes/248

changes/249

changes/250

changes/251

changes/255

changes/256

changes/257

changes/258

changes/259

changes/262

changes/265

changes/266

changes/267

changes/268

changes/269

changes/27

changes/270

changes/271

changes/272

changes/273

changes/274

changes/275

changes/276

changes/277

changes/278

changes/279

changes/28

changes/280

changes/281

changes/282

changes/284

changes/286

changes/287

changes/288

changes/29

changes/290

changes/291

changes/293

changes/294

changes/295

changes/296

changes/297

changes/298

changes/299

changes/30

changes/300

changes/301

changes/302

changes/303

changes/304

changes/305

changes/306

changes/31

changes/32

changes/338

changes/339

changes/34

changes/340

changes/342

changes/343

changes/344

changes/345

changes/346

changes/348

changes/35

changes/350

changes/352

changes/353

changes/356

changes/357

changes/358

changes/36

changes/361

changes/363

changes/37

changes/370

changes/371

changes/372

changes/39

changes/40

changes/41

changes/42

changes/43

changes/44

changes/46

changes/47

changes/48

changes/49

changes/50

changes/51

changes/52

changes/53

changes/54

changes/55

changes/56

changes/76

changes/77

changes/79

changes/81

changes/82

changes/83

changes/85

changes/86

changes/89

changes/90

changes/92

changes/93

changes/94

jenkins-1.*

jenkins-1.604

jenkins-1.605

jenkins-1.606

jenkins-1.607

jenkins-1.608

jenkins-1.609

jenkins-1.610

jenkins-1.614

jenkins-1.615

jenkins-1.616

jenkins-1.617

jenkins-1.618

jenkins-1.619

jenkins-1.620

jenkins-1.621

jenkins-1.622

jenkins-1.623

jenkins-1.624

jenkins-1.625

jenkins-1.626

jenkins-1.627

jenkins-1.628

jenkins-1.638

jenkins-1.639

jenkins-1.640

jenkins-1.641

jenkins-1.642

jenkins-1.643

jenkins-1.644

jenkins-1.645

jenkins-1.646

jenkins-1.647

jenkins-1.648

jenkins-1.649

jenkins-1.650

jenkins-1.651

jenkins-1.652

jenkins-1.653

jenkins-1.654

jenkins-1.655

jenkins-1.656

jenkins-2.*

jenkins-2.10

jenkins-2.100

jenkins-2.101

jenkins-2.102

jenkins-2.103

jenkins-2.104

jenkins-2.105

jenkins-2.106

jenkins-2.108

jenkins-2.109

jenkins-2.11

jenkins-2.116

jenkins-2.117

jenkins-2.118

jenkins-2.12

jenkins-2.121

jenkins-2.121.1

jenkins-2.122

jenkins-2.124

jenkins-2.125

jenkins-2.126

jenkins-2.127

jenkins-2.128

jenkins-2.129

jenkins-2.13

jenkins-2.130

jenkins-2.131

jenkins-2.132

jenkins-2.14

jenkins-2.15

jenkins-2.16

jenkins-2.17

jenkins-2.18

jenkins-2.19

jenkins-2.20

jenkins-2.21

jenkins-2.22

jenkins-2.23

jenkins-2.24

jenkins-2.25

jenkins-2.26

jenkins-2.27

jenkins-2.28

jenkins-2.29

jenkins-2.3

jenkins-2.30

jenkins-2.31

jenkins-2.32

jenkins-2.33

jenkins-2.34

jenkins-2.35

jenkins-2.36

jenkins-2.37

jenkins-2.4

jenkins-2.44

jenkins-2.45

jenkins-2.46

jenkins-2.47

jenkins-2.48

jenkins-2.49

jenkins-2.5

jenkins-2.50

jenkins-2.51

jenkins-2.52

jenkins-2.53

jenkins-2.57

jenkins-2.58

jenkins-2.59

jenkins-2.6

jenkins-2.60

jenkins-2.61

jenkins-2.62

jenkins-2.63

jenkins-2.64

jenkins-2.65

jenkins-2.66

jenkins-2.67

jenkins-2.68

jenkins-2.7

jenkins-2.8

jenkins-2.9

jenkins-2.95

jenkins-2.96

jenkins-2.97

jenkins-2.98

jenkins-2.99

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1999002.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "1.9.0"
            }
        ]
    }
]