Description
An arbitrary file read vulnerability in Jenkins File System SCM Plugin 2.1 and earlier allows attackers able to configure jobs in Jenkins to obtain the contents of any file on the Jenkins master.
Remediation
References
http://www.openwall.com/lists/oss-security/2019/08/07/1
https://jenkins.io/security/advisory/2019-08-07/#SECURITY-569
Related Vulnerabilities
CVE-2022-41252 Vulnerability in maven package org.jenkins-ci.plugins:cons3rt
CVE-2023-43256 Vulnerability in npm package gladys
CVE-2020-13928 Vulnerability in maven package org.apache.atlas:apache-atlas
CVE-2020-2261 Vulnerability in maven package org.jenkins-ci.plugins:perfecto
CVE-2019-12086 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind