CVE-2019-10375

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-10375

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-10375.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-10375

Aliases

GHSA-47rr-8vrp-9283

Published

2019-08-07T15:15:12Z

Modified

2025-01-14T07:04:21.481774Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

An arbitrary file read vulnerability in Jenkins File System SCM Plugin 2.1 and earlier allows attackers able to configure jobs in Jenkins to obtain the contents of any file on the Jenkins master.

References

Affected packages

Git / github.com/jenkinsci/filesystem_scm-plugin

Affected ranges

Type: GIT
Repo: https://github.com/jenkinsci/filesystem_scm-plugin
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

d02e2236d7f2ada0e1ebf9c61b67552bf743345e

Affected versions

filesystem_scm-2.*

filesystem_scm-2.0

filesystem_scm-2.1