GHSA-P2RF-WPXJ-MX2G Jenkins Credentials Binding Plugin has a path traversal vulnerability
Jenkins Credentials Binding Plugin versions 719.v80e905ef14eb and earlier do not sanitize file names for file and zip file credentials. This allows attackers able to provide credentials to a job to write files to arbitrary locations on the node filesystem. If Jenkins is configured to allow a...