Количество 3
Количество 3
CVE-2022-25179
Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier follows symbolic links to locations outside of the checkout directory for the configured SCM when reading files using the readTrusted step, allowing attackers able to configure Pipelines permission to read arbitrary files on the Jenkins controller file system.
CVE-2022-25179
Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier follows symbolic links to locations outside of the checkout directory for the configured SCM when reading files using the readTrusted step, allowing attackers able to configure Pipelines permission to read arbitrary files on the Jenkins controller file system.
GHSA-2m9w-9xh2-wxc3
Link Following in Jenkins Pipeline Multibranch Plugin
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-25179 Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier follows symbolic links to locations outside of the checkout directory for the configured SCM when reading files using the readTrusted step, allowing attackers able to configure Pipelines permission to read arbitrary files on the Jenkins controller file system. | CVSS3: 6.5 | 2% Низкий | почти 4 года назад |
 | CVE-2022-25179 Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier follows symbolic links to locations outside of the checkout directory for the configured SCM when reading files using the readTrusted step, allowing attackers able to configure Pipelines permission to read arbitrary files on the Jenkins controller file system. | CVSS3: 6.5 | 2% Низкий | почти 4 года назад |
| GHSA-2m9w-9xh2-wxc3 Link Following in Jenkins Pipeline Multibranch Plugin | CVSS3: 6.5 | 2% Низкий | почти 4 года назад |
Уязвимостей на страницу