An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS1tYzIyLTI1cjMtMnc5d84AAR2J

Parameterized Trigger Plugin fails to check Item/Build permission

Parameterized Trigger Plugin fails to check Item/Build permission: The Parameterized Trigger Plugin did not check the build authentication it was running as and allowed triggering any other project in Jenkins. The plugin has been adapted to now check for Item/Build permission before triggering a downstream build.

Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: over 1 year ago
Updated: 8 months ago

CVSS Score: 6.5
CVSS vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Identifiers: GHSA-mc22-25r3-2w9w, CVE-2017-1000084

Affected Packages

Versions: < 2.35.1
Fixed in: 2.35.1