Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins Fortify Plugin 20.2.34 and earlier versions are vulnerable to a path traversal vulnerability that stems from not cleaning up the appName and appVersion parameters of its Pipeline step. An attacker could exploit this vulnerability to write content or overwrite xml files on the Jenkins controller file system via the Item Configure privilege.
CPE | Name | Operator | Version |
---|---|---|---|
jenkins fortify plugin | le | 20.2.34 |