CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Jenkins: >> Github Oauth >> 0.1 Security Vulnerabilities

CVE-2019-1003018

An exposure of sensitive information vulnerability exists in Jenkins GitHub Authentication Plugin 0.29 and earlier in GithubSecurityRealm/config.jelly that allows attackers able to view a Jenkins administrator's web browser output, or control the browser (e.g. malicious extension) to retrieve the configured client secret.

CVSS Score

4.3

EPSS Score

0.0

Published

2019-02-06

CVE-2019-1003019

An session fixation vulnerability exists in Jenkins GitHub Authentication Plugin 0.29 and earlier in GithubSecurityRealm.java that allows unauthorized attackers to impersonate another user if they can control the pre-authentication session.

CVSS Score

5.9

EPSS Score

0.0

Published

2019-02-06

Page 1

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved