Vulnerability Database
296,733
Total vulnerabilities in the database
CVE-2019-1003004
An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java that allows attackers to extend the duration of active HTTP sessions indefinitely even though the user account may have been deleted in the mean time.
| Software | From | Fixed in |
|---|---|---|
| jenkins / jenkins | - | 2.150.1.x |
| jenkins / jenkins | - | 2.159.x |
| redhat / openshift_container_platform | 3.11 | 3.11.x |
org.jenkins-ci.main / jenkins-core
|
- | 2.159 |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime