Home

CVE-2019-10436

Description

An arbitrary file read vulnerability in Jenkins Google OAuth Credentials Plugin 0.9 and earlier allowed attackers able to configure jobs and credentials in Jenkins to obtain the contents of any file on the Jenkins master.

Risk Information

Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.146

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2019-10436 are fixed in Jenkins - google-oauth-plugin 0.10Windows
Vulnerabilities CVE-2019-10436 are fixed in Jenkins - google-oauth-plugin for Linux 0.10Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234