Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A arbitrary file read vulnerability exists in Jenkins SSH Credentials Plugin 1.13 and earlier in BasicSSHUserPrivateKey.java that allows attackers with a Jenkins account and the permission to configure credential bindings to read arbitrary files from the Jenkins master file system.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CloudBees Jenkins SSH Credentials Plugin 安全漏洞
Vulnerability Description
CloudBees Jenkins是美国CloudBees公司的一套基于Java开发的持续集成工具,它主要用于监控持续的软件版本发布/测试项目和一些定时执行的任务。SSH Credentials Plugin是使用在其中的一个用于在Jenkins中存储SSH凭证的插件。 CloudBees Jenkins SSH Credentials Plugin 1.13及之前版本中的BasicSSHUserPrivateKey.java文件存在任意文件读取漏洞。攻击者可利用该漏洞读取Jenkins master文件
CVSS Information
N/A
Vulnerability Type
N/A