Количество 2
Количество 2
CVE-2023-41932
Jenkins Job Configuration History Plugin 1227.v7a_79fc4dc01f and earlier does not restrict 'timestamp' query parameters in multiple endpoints, allowing attackers with to delete attacker-specified directories on the Jenkins controller file system as long as they contain a file called 'history.xml'.
GHSA-cgh7-rgqg-hrcx
Path traversal allows exploiting XXE vulnerability in Jenkins Job Configuration History Plugin
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-41932 Jenkins Job Configuration History Plugin 1227.v7a_79fc4dc01f and earlier does not restrict 'timestamp' query parameters in multiple endpoints, allowing attackers with to delete attacker-specified directories on the Jenkins controller file system as long as they contain a file called 'history.xml'. | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
| GHSA-cgh7-rgqg-hrcx Path traversal allows exploiting XXE vulnerability in Jenkins Job Configuration History Plugin | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
Уязвимостей на страницу