cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2019-10315,https://securityvulnerability.io/vulnerability/CVE-2019-10315,,Jenkins GitHub Authentication Plugin 0.31 and earlier did not use the state parameter of OAuth to prevent CSRF.,Jenkins,Jenkins Github Authentication Plugin,8.8,HIGH,0.0031900000758469105,false,false,false,false,,false,false,2019-04-30T12:25:17.000Z,0
CVE-2019-1003018,https://securityvulnerability.io/vulnerability/CVE-2019-1003018,,"An exposure of sensitive information vulnerability exists in Jenkins GitHub Authentication Plugin 0.29 and earlier in GithubSecurityRealm/config.jelly that allows attackers able to view a Jenkins administrator's web browser output, or control the browser (e.g. malicious extension) to retrieve the configured client secret.",Jenkins,Jenkins Github Authentication Plugin,4.3,MEDIUM,0.0007900000200606883,false,false,false,false,,false,false,2019-02-06T16:29:00.000Z,0
CVE-2019-1003019,https://securityvulnerability.io/vulnerability/CVE-2019-1003019,,A session fixation vulnerability exists in Jenkins GitHub Authentication Plugin 0.29 and earlier in GithubSecurityRealm.java that allows unauthorized attackers to impersonate another user if they can control the pre-authentication session.,Jenkins,Jenkins Github Authentication Plugin,5.9,MEDIUM,0.0008500000112690032,false,false,false,false,,false,false,2019-02-06T16:29:00.000Z,0