4.3
CVSSv3

CVE-2024-54004

Published: 27/11/2024 Updated: 27/11/2024

Vulnerability Summary

Jenkins Filesystem List Parameter Plugin 0.0.14 and previous versions does not restrict the path used for the File system objects list Parameter, allowing attackers with Item/Configure permission to enumerate file names on the Jenkins controller file system.

Vulnerability Trend

Mailing Lists

Jenkins is an open source automation server which enables developers around the world to reliably build, test, and deploy their software The following releases contain fixes for security vulnerabilities: * Jenkins 2487 * Jenkins LTS 24792 * Filesystem List Parameter Plugin 0015 * Simple Queue Plugin 145 Summaries of the vulnerabilities ...