Lucene search

K

GoogleOSV:CVE-2019-1003010

HistoryFeb 06, 2019 - 4:29 p.m.

CVE-2019-1003010

2019-02-0616:29:00

Google

osv.dev

7

AI Score

6.4

Confidence

High

EPSS

0.002

Percentile

53.6%

A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record.

References

access.redhat.com/errata/RHBA-2019:0326

access.redhat.com/errata/RHBA-2019:0327

jenkins.io/security/advisory/2019-01-28/#SECURITY-1095

AI Score

6.4

Confidence

High

EPSS

0.002

Percentile

53.6%

Related for OSV:CVE-2019-1003010

github1 redhatcve1 cvelist1 osv1 cbl_mariner1 prion1 veracode1 alpinelinux1 nvd1 cve1 rosalinux1