2 matches found
CVE-2021-43578
Jenkins Squash TM Publisher Squash4Jenkins Plugin 1.0.0 and earlier implements an agent-to-controller message that does not implement any validation of its input, allowing attackers able to control agent processes to replace arbitrary files on the Jenkins controller file system with an...
CVE-2021-43578
CVE-2021-43578 affects the Jenkins Squash TM Publisher (Squash4Jenkins) Plugin, version 1.0.0 and earlier. The root cause is an agent-to-controller message that performs no input validation, enabling an attacker who can control agent processes to replace arbitrary files on the Jenkins controller ...