5 matches found
CVE-2024-23904
creationtimestamp| type| source ---|---|--- 2024-01-24 19:27:10+00:00| seen| https://t.me/ctinow/173037 2024-01-28 12:25:22+00:00| seen| https://t.me/arpsyndicate/3288 2024-02-18 10:48:44+00:00| seen| https://t.me/ctinow/187205 2025-06-20 19:43:36+00:00| seen|...
CVE-2024-23904
Jenkins Log Command Plugin 1.0.2 and earlier does not disable a feature of its command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read content from arbitrary files on the Jenkins controller file syst...
CVE-2024-23904
Jenkins Log Command Plugin 1.0.2 and earlier does not disable a feature of its command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read content from arbitrary files on the Jenkins controller file syst...
CVE-2024-23904
Jenkins Log Command Plugin version 1.0.2 and earlier is vulnerable. The issue stems from a command parser feature that replaces an '@' character followed by a file path in an argument with the file’s contents, enabling unauthenticated attackers to read arbitrary files on the Jenkins controller fi...
CVE-2024-23904
Jenkins Log Command Plugin 1.0.2 and earlier does not disable a feature of its command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read content from arbitrary files on the Jenkins controller file syst...