CVE List


Moderate 4.3 Missing permission checks in Jenkins ElectricFlow Plugin 1.1.5 and earlier in various HTTP endpoints allowed users with Overall/Read access to obtain information about the Jenkins ElectricFlow Plugin configuration and configuration of connected ElectricFlow instances.

Published June 11, 2019.

Affected software

Jenkins Electricflow

Reference links

Keep track of vulnerabilities in your stack

Receive a free weekly email with a round-up of all vulnerabilities that affect your software as well as relevant security news and articles. See an example email