Описание
Jenkins 2.275 and LTS 2.263.2 allows reading arbitrary files using the file browser for workspaces and archived artifacts due to a time-of-check to time-of-use (TOCTOU) race condition.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| jenkins | removed | package |
EPSS
Процентиль: 63%
0.00436
Низкий
Связанные уязвимости
CVSS3: 5.3
redhat
около 5 лет назад
Jenkins 2.275 and LTS 2.263.2 allows reading arbitrary files using the file browser for workspaces and archived artifacts due to a time-of-check to time-of-use (TOCTOU) race condition.
CVSS3: 5.3
nvd
около 5 лет назад
Jenkins 2.275 and LTS 2.263.2 allows reading arbitrary files using the file browser for workspaces and archived artifacts due to a time-of-check to time-of-use (TOCTOU) race condition.
CVSS3: 5.3
github
больше 3 лет назад
Time-of-check Time-of-use (TOCTOU) Race Condition in Jenkins
EPSS
Процентиль: 63%
0.00436
Низкий