Description
An arbitrary file write vulnerability in Jenkins Pipeline Utility Steps Plugin 2.15.2 and earlier allows attackers able to provide crafted archives as parameters to create or replace arbitrary files on the agent file system with attacker-specified content.
Remediation
References
https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-2196
Related Vulnerabilities
CVE-2023-32007 Vulnerability in maven package org.apache.spark:spark-core_2.12
CVE-2018-3831 Vulnerability in maven package org.elasticsearch:elasticsearch
CVE-2019-16771 Vulnerability in maven package com.linecorp.armeria:armeria
CVE-2015-5351 Vulnerability in maven package org.apache.tomcat:tomcat