CVE-2017-1000390 Vulnerability in maven package org.jenkins-ci.plugins:jenkins-multijob-plugin

Description

Jenkins Multijob plugin version 1.25 and earlier did not check permissions in the Resume Build action, allowing anyone with Job/Read permission to resume the build.

Remediation

References

http://www.securityfocus.com/bid/102824

https://jenkins.io/security/advisory/2017-10-23/

Related Vulnerabilities

CVE-2020-8203 Vulnerability in maven package org.fujion.webjars:lodash

CVE-2021-22096 Vulnerability in maven package org.springframework:spring-webflux

CVE-2020-26939 Vulnerability in maven package org.bouncycastle:bcprov-ext-jdk15to18

CVE-2023-33510 Vulnerability in maven package org.jeecgframework.p3:jeecg-p3-biz-chat

CVE-2018-9207 Vulnerability in maven package org.webjars:jquery-file-upload

Severity

Medium

Classification

CWE-862 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N