Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
FilePath#renameTo and FilePath#moveAllChildrenTo in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier only check 'read' agent-to-controller access permission on the source path, instead of 'delete'.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Jenkins 安全漏洞
Vulnerability Description
Jenkins是Jenkins开源的一个应用软件。一个开源自动化服务器Jenkins提供了数百个插件来支持构建,部署和自动化任何项目。 Jenkins 存在安全漏洞,该漏洞源于Jenkins 2.318 及更早版本、LTS 2.303.2 及更早版本的文件路径过滤实现中存在多个漏洞。攻击者可利用该漏洞允许代理进程在 Jenkins 控制器文件系统上读写任意文件,并获取有关 Jenkins 控制器文件系统的一些信息。
CVSS Information
N/A
Vulnerability Type
N/A