Описание
An arbitrary file write vulnerability in Jenkins Cobertura Plugin 1.15 and earlier allows attackers able to control the coverage report file contents to overwrite any file on the Jenkins master file system.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift Container Platform 3.11 | jenkins-2-plugins | Not affected | ||
| Red Hat OpenShift Container Platform 4 | jenkins-2-plugins | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-22
https://bugzilla.redhat.com/show_bug.cgi?id=1819067jenkins-cobertura-plugin: arbitrary file write vulnerability
6.5 Medium
CVSS3
Связанные уязвимости
CVSS3: 6.5
nvd
почти 6 лет назад
An arbitrary file write vulnerability in Jenkins Cobertura Plugin 1.15 and earlier allows attackers able to control the coverage report file contents to overwrite any file on the Jenkins master file system.
CVSS3: 6.5
github
больше 3 лет назад
Arbitrary file write vulnerability in Jenkins Cobertura Plugin
6.5 Medium
CVSS3