Description
An improper authorization vulnerability exists in Jenkins Promoted Builds Plugin 2.31.1 and earlier in Status.java and ManualCondition.java that allow an attacker with read access to jobs to perform promotions.
Remediation
References
https://jenkins.io/security/advisory/2018-02-26/#SECURITY-746
Related Vulnerabilities
CVE-2009-4269 Vulnerability in maven package org.apache.derby:derby
CVE-2022-1274 Vulnerability in maven package org.keycloak:keycloak-themes
CVE-2018-1999035 Vulnerability in maven package com.inedo.buildmaster:inedo-buildmaster
CVE-2019-10170 Vulnerability in maven package org.keycloak:keycloak-services