Security Advisory

CVE-2018-1999002

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-07-23 19:00:00

Last updated 2024-08-05 12:47:57

Assigner mitre

State PUBLISHED

Description

A arbitrary file read vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web frameworks org/kohsuke/stapler/Stapler.java that allows attackers to send crafted HTTP requests returning the contents of any file on the Jenkins master file system that the Jenkins master has access to.

← Browse all CVEs View on cve.org ↗