3 matches found
GHSA-RH72-238F-G26Q Jenkins Azure CLI Plugin does not restrict the commands it executes
Jenkins Azure CLI Plugin 0.9 and earlier does not restrict which commands it executes on the Jenkins controller. This allows attackers with Item/Configure permission to execute arbitrary shell commands on the Jenkins controller. As of publication of this advisory, there is no fix...
CVE-2025-64140
Jenkins Azure CLI Plugin 0.9 and earlier does not restrict which commands it executes on the Jenkins controller, allowing attackers with Item/Configure permission to execute arbitrary shell commands...
PT-2025-44289
Name of the Vulnerable Software and Affected Versions Jenkins Azure CLI Plugin versions 0.9 and earlier Description The Jenkins Azure CLI Plugin does not restrict the commands it executes on the Jenkins controller. This allows attackers with Item/Configure permission to execute arbitrary shell...