Jenkins Gitea Plugin 1.1.1 and earlier did not implement trusted revisions, allowing attackers without commit access to the Git repo to change Jenkinsfiles even if Jenkins is configured to consider them to be untrusted.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: jenkins
Published: 2019-05-31T14:20:19
Updated: 2024-08-04T22:17:20.462Z
Reserved: 2019-03-29T00:00:00
Link: CVE-2019-10330
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-05-31T15:29:00.590
Modified: 2024-11-21T04:18:54.293
Link: CVE-2019-10330
Redhat
No data.