CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jenkins: >> Slack Notification Security Vulnerabilities

CVE-2019-1003043

A missing permission check in Jenkins Slack Notification Plugin 2.19 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

CVSS Score

7.5

EPSS Score

0.002

Published

2019-03-28

CVE-2019-1003044

A cross-site request forgery vulnerability in Jenkins Slack Notification Plugin 2.19 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

CVSS Score

7.1

EPSS Score

0.003

Published

2019-03-28

Page 1

Vulnerabilities

Vulnerable Software

Jenkins: >> Slack Notification Security Vulnerabilities

Products

Pricing

Contact Us