Lucene search
JenkinsCVELIST:CVE-2024-23900HistoryJan 24, 2024 - 5:52 p.m.
CVE-2024-23900
2024-01-2417:52:24
jenkins
raw.githubusercontent.com
4
jenkins
matrix project plugin
multi-configuration projects
file system manipulation
cve-2024-23900
Jenkins Matrix Project Plugin 822.v01b_8c85d16d2 and earlier does not sanitize user-defined axis names of multi-configuration projects, allowing attackers with Item/Configure permission to create or replace any config.xml files on the Jenkins controller file system with content not controllable by the attackers.
Related
prion
prion
Code injection
2024-01-24 18:15:00
cgr
cgr
CVE-2024-23900 vulnerabilities
2024-05-19 03:07:16
redhatcve
redhatcve
CVE-2024-23900
2024-01-25 20:22:35
alpinelinux
alpinelinux
CVE-2024-23900
2024-01-24 18:15:09
osv
osv
CVE-2024-23900
2024-01-24 18:15:09
Path traversal vulnerability in Jenkins Matrix Project Plugin
2024-01-24 18:31:02
wolfi
wolfi
CVE-2024-23900 vulnerabilities
2024-05-29 03:07:31
veracode
veracode
Path Traversal
2024-01-29 07:12:08
cve
cve
CVE-2024-23900
2024-01-24 18:15:09
github
github
Path traversal vulnerability in Jenkins Matrix Project Plugin
2024-01-24 18:31:02
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2024-01-24)
2024-01-24 00:00:00
redos
redos
ROS-20240411-08
2024-04-11 00:00:00