CVE-2018-1999037

2018-08-0113:00:00

mitre

www.cve.org

jenkins

resource disposer plugin

data modification

vulnerability

asyncresourcedisposer.java

AI Score

4.5

Confidence

High

EPSS

0.001

Percentile

22.0%

JSON

A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a resource.

References

jenkins.io/security/advisory/2018-07-30/#SECURITY-997