Description
Jenkins WildFly Deployer Plugin 1.0.2 and earlier implements functionality that allows agent processes to read arbitrary files on the Jenkins controller file system.
Remediation
References
https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2645
Related Vulnerabilities
CVE-2021-44878 Vulnerability in maven package org.pac4j:pac4j-core
CVE-2020-6461 Vulnerability in npm package electron
CVE-2023-29528 Vulnerability in maven package org.xwiki.commons:xwiki-commons-xml
CVE-2018-1261 Vulnerability in maven package org.springframework.integration:spring-integration-zip
CVE-2015-8860 Vulnerability in maven package org.webjars.npm:tar