CVE-2019-16539
A missing permission check in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete support bundles.
Date published : 2019-11-21
https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1634