5 matches found
CVE-2022-43416
Jenkins Katalon Plugin 1.0.32 and earlier implements an agent/controller message that does not limit where it can be executed and allows invoking Katalon with configurable arguments, allowing attackers able to control agent processes to invoke Katalon on the Jenkins controller with...
CVE-2022-43416
Jenkins Katalon Plugin 1.0.32 and earlier implements an agent/controller message that does not limit where it can be executed and allows invoking Katalon with configurable arguments, allowing attackers able to control agent processes to invoke Katalon on the Jenkins controller with...
CVE-2022-43416
Jenkins Katalon Plugin 1.0.32 and earlier implements an agent/controller message that does not limit where it can be executed and allows invoking Katalon with configurable arguments, allowing attackers able to control agent processes to invoke Katalon on the Jenkins controller with...
CVE-2022-43416
Jenkins Katalon Plugin 1.0.32 and earlier implements an agent/controller message that does not limit where it can be executed and allows invoking Katalon with configurable arguments, allowing attackers able to control agent processes to invoke Katalon on the Jenkins controller with...
CVE-2022-43416
The CVE-2022-43416 entry concerns Jenkins Katalon Plugin versions 1.0.32 and earlier. Public docs describe an agent/controller message that is not properly restricted, allowing an attacker-controlled version, install location, and arguments to be used when invoking Katalon on the Jenkins controll...