First published: Tue Jun 05 2018(Updated: )
A path traversal vulnerability exists in Jenkins 2.120 and older, LTS 2.107.2 and older in FilePath.java, SoloFilePathFilter.java that allows malicious agents to read and write arbitrary files on the Jenkins master, bypassing the agent-to-master security subsystem protection.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Jenkins Jenkins | <=2.120 | |
Jenkins Jenkins | <=2.107.2 | |
Oracle Communications Cloud Native Core Automated Test Suite | =1.9.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.