13 matches found
workflow-multibranch: OS command execution through crafted SCM contents
A flaw was found in Jenkins. The Pipeline: Multibranch uses the same checkout directories for distinct SCMs for the readTrusted step. This flaw allows attackers with item/configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents.This allows attackers to...
workflow-multibranch: Pipeline-related plugins follow symbolic links or do not limit path names
A flaw was found in Jenkins. The Pipeline: Multibranch follows symbolic links to locations outside of the checkout directory for the configured SCM when reading files using the readTrusted step. This flaw allows attackers that can configure Pipelines, to read arbitrary files on the Jenkins...
workflow-multibranch: Pipeline-related plugins follow symbolic links or do not limit path names
A flaw was found in Jenkins. The Pipeline: Multibranch follows symbolic links to locations outside of the checkout directory for the configured SCM when reading files using the readTrusted step. This flaw allows attackers that can configure Pipelines, to read arbitrary files on the Jenkins...
workflow-multibranch: OS command execution through crafted SCM contents
A flaw was found in Jenkins. The Pipeline: Multibranch uses the same checkout directories for distinct SCMs for the readTrusted step. This flaw allows attackers with item/configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents.This allows attackers to...
workflow-multibranch: Pipeline-related plugins follow symbolic links or do not limit path names
A flaw was found in Jenkins. The Pipeline: Multibranch follows symbolic links to locations outside of the checkout directory for the configured SCM when reading files using the readTrusted step. This flaw allows attackers that can configure Pipelines, to read arbitrary files on the Jenkins...
workflow-multibranch: OS command execution through crafted SCM contents
A flaw was found in Jenkins. The Pipeline: Multibranch uses the same checkout directories for distinct SCMs for the readTrusted step. This flaw allows attackers with item/configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents.This allows attackers to...
workflow-multibranch: Pipeline-related plugins follow symbolic links or do not limit path names
A flaw was found in Jenkins. The Pipeline: Multibranch follows symbolic links to locations outside of the checkout directory for the configured SCM when reading files using the readTrusted step. This flaw allows attackers that can configure Pipelines, to read arbitrary files on the Jenkins...
workflow-multibranch: OS command execution through crafted SCM contents
A flaw was found in Jenkins. The Pipeline: Multibranch uses the same checkout directories for distinct SCMs for the readTrusted step. This flaw allows attackers with item/configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents.This allows attackers to...
workflow-multibranch: Pipeline-related plugins follow symbolic links or do not limit path names
A flaw was found in Jenkins. The Pipeline: Multibranch follows symbolic links to locations outside of the checkout directory for the configured SCM when reading files using the readTrusted step. This flaw allows attackers that can configure Pipelines, to read arbitrary files on the Jenkins...
workflow-multibranch: Pipeline-related plugins follow symbolic links or do not limit path names
A flaw was found in Jenkins. The Pipeline: Multibranch follows symbolic links to locations outside of the checkout directory for the configured SCM when reading files using the readTrusted step. This flaw allows attackers that can configure Pipelines, to read arbitrary files on the Jenkins...
Jenkins Pipeline Multibranch Plugin Arbitrary File Read Vulnerability
Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. Jenkins Pipeline Multibranch Plugin 706.vd43c65dec013 and earlier versions contain an arbitrary file reading vulnerability...
PT-2022-17118 · Jenkins · Jenkins Pipeline: Multibranch Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline: Multibranch Plugin versions 706.vd43c65dec013 and earlier Jenkins Pipeline: Multibranch Plugin prior to 2.23.1, 2.26.1, 696.698.v9b4218eea50f, and 707.v71c3f0a 6ccdb Description: The issue allows attackers with permission to...
Jenkins Pipeline 后置链接漏洞
Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. Jenkins Pipeline Multibranch Plugin 706.vd43c65dec013 and earlier versions contain an arbitrary file reading vulnerability...