CVE-2023-32981

An arbitrary file write vulnerability in Jenkins Pipeline Utility Steps Plugin 2.15.2 and earlier allows attackers able to provide crafted archives as parameters to create or replace arbitrary files on the agent file system with attacker-specified content.
Configurations

Configuration 1 (hide)

cpe:2.3:a:jenkins:pipeline_utility_steps:*:*:*:*:*:jenkins:*:*

History

21 Nov 2024, 08:04

Type Values Removed Values Added
References () https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-2196 - Vendor Advisory () https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-2196 - Vendor Advisory

09 Jun 2023, 18:32

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 9.8
v2 : unknown
v3 : 8.8

Information

Published : 2023-05-16 16:15

Updated : 2024-11-21 08:04


NVD link : CVE-2023-32981

Mitre link : CVE-2023-32981

CVE.ORG link : CVE-2023-32981


JSON object : View

Products Affected

jenkins

  • pipeline_utility_steps
CWE
CWE-787

Out-of-bounds Write