Description

Directory traversal vulnerability in the CLI job creation (hudson/cli/CreateJobCommand.java) in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to overwrite arbitrary files via the job name.

Remediation

References

CVE-2014-2059

Related Vulnerabilities

Apache HTTP Server Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2004-0748)

WebLogic CVE-2018-2893 Vulnerability (CVE-2018-2893)

MySQL Numeric Errors Vulnerability (CVE-2016-2105)

MySQL CVE-2024-21055 Vulnerability (CVE-2024-21055)

WebLogic CVE-2024-21216 Vulnerability (CVE-2024-21216)

Severity

Medium

Classification

CVE-2014-2059 CWE-22

Tags

Missing Update Known Vulnerabilities