Description
Jenkins WildFly Deployer Plugin 1.0.2 and earlier implements functionality that allows agent processes to read arbitrary files on the Jenkins controller file system.
Remediation
References
https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2645
Related Vulnerabilities
CVE-2018-17186 Vulnerability in maven package org.apache.syncope.client:syncope-client-console
CVE-2017-15703 Vulnerability in maven package org.apache.nifi:nifi-framework-core
CVE-2011-1475 Vulnerability in maven package org.apache.tomcat:tomcat-catalina
CVE-2020-1947 Vulnerability in maven package org.apache.shardingsphere:shardingsphere
CVE-2019-16556 Vulnerability in maven package org.jenkins-ci.plugins:rundeck