Description
Jenkins Copy Artifact Plugin 1.43.1 and earlier performs improper permission checks, allowing attackers to copy artifacts from jobs they have no permission to access.
Remediation
References
http://www.openwall.com/lists/oss-security/2020/05/06/3
https://jenkins.io/security/advisory/2020-05-06/#SECURITY-988
Related Vulnerabilities
CVE-2023-39153 Vulnerability in maven package org.jenkins-ci.plugins:gitlab-oauth
CVE-2019-10433 Vulnerability in maven package com.ztbsuper:dingding-notifications
CVE-2015-8851 Vulnerability in maven package org.webjars.bower:node-uuid
CVE-2022-25767 Vulnerability in maven package com.bstek.ureport:ureport2-console
CVE-2022-36886 Vulnerability in maven package org.jenkins-ci.plugins:external-monitor-job