Description

A path traversal vulnerability exists in the Stapler web framework used by Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/org/kohsuke/stapler/Facet.java, groovy/src/main/java/org/kohsuke/stapler/jelly/groovy/GroovyFacet.java, jelly/src/main/java/org/kohsuke/stapler/jelly/JellyFacet.java, jruby/src/main/java/org/kohsuke/stapler/jelly/jruby/JRubyFacet.java, jsp/src/main/java/org/kohsuke/stapler/jsp/JSPFacet.java that allows attackers to render routable objects using any view in Jenkins, exposing internal information about those objects not intended to be viewed, such as their toString() representation.

Remediation

References

https://jenkins.io/security/advisory/2018-10-10/#SECURITY-867

Related Vulnerabilities

CVE-2023-27905 Vulnerability in maven package org.jenkins-ci:update-center2

CVE-2017-5643 Vulnerability in maven package org.apache.camel:camel-core

CVE-2021-40331 Vulnerability in maven package org.apache.ranger:ranger-hive-plugin

CVE-2023-28679 Vulnerability in maven package javagh.jenkins:mashup-portlets-plugin

CVE-2018-13864 Vulnerability in maven package com.typesafe.play:play

Severity

High

Classification

CWE-22 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Vendor Advisory