Description
Jenkins WildFly Deployer Plugin 1.0.2 and earlier implements functionality that allows agent processes to read arbitrary files on the Jenkins controller file system.
Remediation
References
https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2645
Related Vulnerabilities
CVE-2023-26471 Vulnerability in maven package org.xwiki.platform:xwiki-platform-rendering-async-api
CVE-2019-12418 Vulnerability in maven package org.apache.tomcat:tomcat-catalina-jmx-remote
CVE-2020-25640 Vulnerability in maven package org.jboss.genericjms:generic-jms-ra-jar
CVE-2022-45378 Vulnerability in maven package soap:soap
CVE-2023-25763 Vulnerability in maven package org.jenkins-ci.plugins:email-ext