Description

A path traversal vulnerability exists in the Stapler web framework used by Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/org/kohsuke/stapler/Facet.java, groovy/src/main/java/org/kohsuke/stapler/jelly/groovy/GroovyFacet.java, jelly/src/main/java/org/kohsuke/stapler/jelly/JellyFacet.java, jruby/src/main/java/org/kohsuke/stapler/jelly/jruby/JRubyFacet.java, jsp/src/main/java/org/kohsuke/stapler/jsp/JSPFacet.java that allows attackers to render routable objects using any view in Jenkins, exposing internal information about those objects not intended to be viewed, such as their toString() representation.

Remediation

References

https://jenkins.io/security/advisory/2018-10-10/#SECURITY-867

Related Vulnerabilities

CVE-2019-10467 Vulnerability in maven package org.jenkins-ci.plugins:sonar-gerrit

CVE-2018-1999038 Vulnerability in maven package org.jenkins-ci.plugins:publish-over-cifs

CVE-2017-8451 Vulnerability in npm package kibana

CVE-2014-3600 Vulnerability in maven package org.apache.activemq:activemq-broker

CVE-2023-29519 Vulnerability in maven package org.xwiki.platform:xwiki-platform-attachment-ui

Severity

High

Classification

CWE-22 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Vendor Advisory