Jenkins Script Security Plugin CVE-2017-1000505 Arbitrary File Read Vulnerability
BID:104952
Info
Jenkins Script Security Plugin CVE-2017-1000505 Arbitrary File Read Vulnerability
| Bugtraq ID: | 104952 |
| Class: | Input Validation Error |
| CVE: |
CVE-2017-1000505 |
| Remote: | Yes |
| Local: | Yes |
| Published: | Nov 10 2017 12:00AM |
| Updated: | Nov 10 2017 12:00AM |
| Credit: | Gregory Draperi |
| Vulnerable: |
Jenkins-Ci Script Security Plugin 1.36 Jenkins-Ci Script Security Plugin 1.18.1 Jenkins-Ci Script Security Plugin 1.18 |
| Not Vulnerable: |
Jenkins-Ci Script Security Plugin 1.37 |
Exploit / POC
Solution / Fix
Jenkins Script Security Plugin CVE-2017-1000505 Arbitrary File Read Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Jenkins Script Security Plugin CVE-2017-1000505 Arbitrary File Read Vulnerability
References:
References:
- Jenkins CI Homepage (Jenkins CI)
- Jenkins Security Advisory 2017-12-11 (Jenkins)