6 matches found
CVE-2022-34181
Jenkins xUnit Plugin 3.0.8 and earlier implements an agent-to-controller message that creates a user-specified directory if it doesn't exist, and parsing files inside it as test results, allowing attackers able to control agent processes to create an arbitrary directory on the Jenkins controller ...
Jenkins Enterprise and Operations Center 2.303.x < 2.303.30.0.14 / 2.332.4.1 / 2.346.1.4 Multiple Vulnerabilities (CloudBees Security Advisory 2022-06-22)
The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.303.x prior to 2.303.30.0.14, or 2.x prior to 2.332.4.1 or 2.346.1.4. It is, therefore, affected by multiple vulnerabilities, including the following: - Jenkins Pipeline: Input Step Plugin...
com.thalesgroup.jenkins-ci.plugins:cpptest (>=0.10 <=0.14), org.jenkins-ci.plugins:gallio (>=1.6 <=1.8) +4 more potentially affected by CVE-2022-34181 via org.jenkins-ci.plugins:xunit (>=1.23 <=1.91)
org.jenkins-ci.plugins:xunit MAVEN version =1.23, =0.10, =1.6, =0.13, =1.0, =1.1 Source cves: CVE-2022-34181 Source advisory: OSV:GHSA-298J-9Q4W-6RM4...
CVE-2022-34181
Jenkins xUnit Plugin 3.0.8 and earlier implements an agent-to-controller message that creates a user-specified directory if it doesn't exist, and parsing files inside it as test results, allowing attackers able to control agent processes to create an arbitrary directory on the Jenkins controller ...
CVE-2022-34181
Jenkins xUnit Plugin 3.0.8 and earlier implements an agent-to-controller message that creates a user-specified directory if it doesn't exist, and parsing files inside it as test results, allowing attackers able to control agent processes to create an arbitrary directory on the Jenkins controller ...
CVE-2022-34181
CVE-2022-34181 concerns Jenkins xUnit Plugin (versions ≤ 3.0.8). The vulnerability arises from an agent-to-controller message that creates a user-specified directory on the Jenkins controller and parses files inside it as test results. This allows an attacker who can control agent processes to (1...