3 matches found
UBUNTU-CVE-2024-22232
A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master’s filesystem...
GHSA-8QH4-FGHR-6FXG Improper Limitation of a Pathname to a Restricted Directory in Jenkins Google OAuth Credentials Plugin
An arbitrary file read vulnerability in Jenkins Google OAuth Credentials Plugin 0.9 and earlier allowed attackers able to configure jobs and credentials in Jenkins to obtain the contents of any file on the Jenkins master...
GHSA-X646-M7X2-GCP7 Path Traversal in Jenkins
A path traversal vulnerability exists in Jenkins 2.120 and older, LTS 2.107.2 and older in FilePath.java, SoloFilePathFilter.java that allows malicious agents to read and write arbitrary files on the Jenkins master, bypassing the agent-to-master security subsystem protection...