Description
An exposure of sensitive information vulnerability exists in Jenkins Copy To Slave Plugin version 1.4.4 and older in CopyToSlaveBuildWrapper.java that allows attackers with permission to configure jobs to read arbitrary files from the Jenkins master file system.
Remediation
References
https://jenkins.io/security/advisory/2018-03-26/#SECURITY-545
Related Vulnerabilities
CVE-2022-46683 Vulnerability in maven package org.jenkins-ci.plugins:google-login
CVE-2023-26480 Vulnerability in maven package org.xwiki.platform:xwiki-platform-livedata-macro
CVE-2017-7662 Vulnerability in maven package org.apache.cxf.fediz:fediz-cxf
CVE-2023-27602 Vulnerability in maven package org.apache.linkis:linkis-storage-script-dev-server
CVE-2017-5662 Vulnerability in maven package org.apache.xmlgraphics:batik-rasterizer