Lucene search
China National Vulnerability DatabaseCNVD-2022-16720HistoryFeb 17, 2022 - 12:00 a.m.
Jenkins Fortify Plugin Path Traversal Vulnerability
2022-02-1700:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
0.001 Low
EPSS
Percentile
26.8%
Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins Fortify Plugin 20.2.34 and earlier versions are vulnerable to a path traversal vulnerability that stems from not cleaning up the appName and appVersion parameters of its Pipeline step. An attacker could exploit this vulnerability to write content or overwrite xml files on the Jenkins controller file system via the Item Configure privilege.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jenkins fortify plugin | le | 20.2.34 |
Related
alpinelinux
alpinelinux
CVE-2022-25188
2022-02-15 17:15:09
osv
osv
Path traversal vulnerability in Jenkins Fortify Plugin
2022-02-16 00:01:27
cvelist
cvelist
CVE-2022-25188
2022-02-15 16:11:14
github
github
Path traversal vulnerability in Jenkins Fortify Plugin
2022-02-16 00:01:27
nvd
nvd
CVE-2022-25188
2022-02-15 17:15:09
cve
cve
CVE-2022-25188
2022-02-15 17:15:09
prion
prion
Code injection
2022-02-15 17:15:00
