Description
A missing permission check in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers with Overall/Read permission to reset profiler statistics.
Remediation
References
https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3083
Related Vulnerabilities
CVE-2020-9480 Vulnerability in maven package org.apache.spark:spark-network-common_2.12
CVE-2015-5167 Vulnerability in maven package org.apache.ranger:ranger
CVE-2018-10862 Vulnerability in maven package org.wildfly.core:wildfly-deployment-repository
CVE-2017-15691 Vulnerability in maven package org.apache.uima:uimaj-adapter-vinci
CVE-2021-20222 Vulnerability in maven package org.keycloak:keycloak-core