Description
A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds.
Remediation
References
https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1765
http://www.openwall.com/lists/oss-security/2020/03/09/1
Related Vulnerabilities
CVE-2020-16013 Vulnerability in npm package electron
CVE-2015-2156 Vulnerability in maven package io.netty:netty-all
CVE-2011-2481 Vulnerability in maven package org.apache.tomcat:tomcat-catalina
CVE-2022-36033 Vulnerability in maven package org.jsoup:jsoup
CVE-2020-1714 Vulnerability in maven package org.keycloak:keycloak-common