Description
An exposure of sensitive information vulnerability exists in Jenkins Copy To Slave Plugin version 1.4.4 and older in CopyToSlaveBuildWrapper.java that allows attackers with permission to configure jobs to read arbitrary files from the Jenkins master file system.
Remediation
References
https://jenkins.io/security/advisory/2018-03-26/#SECURITY-545
Related Vulnerabilities
CVE-2023-32697 Vulnerability in maven package org.xerial:sqlite-jdbc
CVE-2016-1000220 Vulnerability in npm package kibana
CVE-2018-8037 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2021-20293 Vulnerability in maven package org.jboss.resteasy:resteasy-core
CVE-2021-31412 Vulnerability in maven package com.vaadin:flow-server