[MAVEN:GHSA-F9V6-P7HP-C3QX] Missing permission checks in Jenkins P4 Plugin
Severity
Moderate
Affected Packages
1
Fixed Packages
1
CVEs
1
A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds or add labels in the Perforce repository.
P4 Plugin 1.10.11 appropriate user permissions for the affected HTTP endpoints.
Package | Affected Version |
---|---|
pkg:maven/org.jenkins-ci.plugins/p4 | < 1.10.11 |
Package | Fixed Version |
---|---|
pkg:maven/org.jenkins-ci.plugins/p4 | = 1.10.11 |
- ID
- MAVEN:GHSA-F9V6-P7HP-C3QX
- Severity
- moderate
- URL
- https://github.com/advisories/GHSA-f9v6-p7hp-c3qx
- Published
-
2022-05-24T17:10:28
(2 years ago) - Modified
-
2023-12-06T14:51:06
(9 months ago) - Rights
- Maven Security Team
- Other Advisories
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |