{"id":"CVE-2019-10326","details":"A cross-site request forgery vulnerability in Jenkins Warnings NG Plugin 5.0.0 and earlier allowed attackers to reset warning counts for future builds.","aliases":["GHSA-px35-882c-47hw"],"modified":"2026-04-11T18:23:51.694643Z","published":"2019-05-31T15:29:00.433Z","references":[{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2019/05/31/2"},{"type":"WEB","url":"http://www.securityfocus.com/bid/108540"},{"type":"ADVISORY","url":"https://jenkins.io/security/advisory/2019-05-31/#SECURITY-1391"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/jenkinsci/warnings-ng-plugin","events":[{"introduced":"0"},{"last_affected":"88b83663afe6179ea4f7bc75244fdc00290e5d2e"}],"database_specific":{"cpe":"cpe:2.3:a:jenkins:warnings_next_generation:5.0.0:*:*:*:*:jenkins:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"5.0.0"}],"source":"CPE_FIELD"}}],"versions":["warnings-ng-1.0.0","warnings-ng-1.0.0-beta1","warnings-ng-1.0.0-beta10","warnings-ng-1.0.0-beta2","warnings-ng-1.0.0-beta3","warnings-ng-1.0.0-beta4","warnings-ng-1.0.0-beta5","warnings-ng-1.0.0-beta6","warnings-ng-1.0.0-beta7","warnings-ng-1.0.0-beta8","warnings-ng-1.0.0-beta9","warnings-ng-1.0.1","warnings-ng-2.0.0","warnings-ng-2.1.0","warnings-ng-2.1.1","warnings-ng-2.1.2","warnings-ng-2.2.0","warnings-ng-2.2.1","warnings-ng-3.0.0","warnings-ng-3.0.1","warnings-ng-3.0.2","warnings-ng-3.0.3","warnings-ng-4.0.0","warnings-ng-5.0.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-10326.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}]}