First published: Tue Jun 05 2018(Updated: )
A command execution vulnerability exists in Jenkins Absint Astree Plugin 1.0.5 and older in AstreeBuilder.java that allows attackers with Overall/Read access to execute a command on the Jenkins master.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Jenkins Absint Astree | <=1.0.5 | |
maven/org.jenkins-ci.plugins:absint-astree | <=1.0.5 | 1.0.7 |
<=1.0.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.