Description
An arbitrary file read vulnerability in Jenkins File System SCM Plugin 2.1 and earlier allows attackers able to configure jobs in Jenkins to obtain the contents of any file on the Jenkins master.
Remediation
References
https://jenkins.io/security/advisory/2019-08-07/#SECURITY-569
http://www.openwall.com/lists/oss-security/2019/08/07/1
Related Vulnerabilities
CVE-2022-23539 Vulnerability in maven package org.webjars.npm:jsonwebtoken
CVE-2022-25901 Vulnerability in maven package org.webjars.npm:cookiejar
CVE-2023-32315 Vulnerability in maven package org.igniterealtime.openfire:xmppserver
CVE-2023-37895 Vulnerability in maven package org.apache.jackrabbit:jackrabbit-webapp