Description
An arbitrary file read vulnerability in Jenkins File System SCM Plugin 2.1 and earlier allows attackers able to configure jobs in Jenkins to obtain the contents of any file on the Jenkins master.
Remediation
References
https://jenkins.io/security/advisory/2019-08-07/#SECURITY-569
http://www.openwall.com/lists/oss-security/2019/08/07/1
Related Vulnerabilities
CVE-2018-6341 Vulnerability in maven package org.webjars:vue
CVE-2023-31007 Vulnerability in maven package org.apache.pulsar:pulsar-broker
CVE-2023-33265 Vulnerability in maven package com.hazelcast:hazelcast
CVE-2022-46751 Vulnerability in maven package org.apache.ivy:ivy
CVE-2023-28709 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core