Описание
An arbitrary file write vulnerability in Jenkins Cobertura Plugin 1.15 and earlier allows attackers able to control the coverage report file contents to overwrite any file on the Jenkins master file system.
Ссылки
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.15 (включая)
cpe:2.3:a:jenkins:cobertura:*:*:*:*:*:jenkins:*:*
EPSS
Процентиль: 90%
0.05232
Низкий
6.5 Medium
CVSS3
8.5 High
CVSS2
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 6.5
redhat
почти 6 лет назад
An arbitrary file write vulnerability in Jenkins Cobertura Plugin 1.15 and earlier allows attackers able to control the coverage report file contents to overwrite any file on the Jenkins master file system.
CVSS3: 6.5
github
больше 3 лет назад
Arbitrary file write vulnerability in Jenkins Cobertura Plugin
EPSS
Процентиль: 90%
0.05232
Низкий
6.5 Medium
CVSS3
8.5 High
CVSS2
Дефекты
CWE-22