An arbitrary file write vulnerability in Jenkins Pipeline Utility Steps Plugin 2.15.2 and earlier allows attackers able to provide crafted archives as parameters to create or replace arbitrary files on the agent file system with attacker-specified content.
History

Thu, 23 Jan 2025 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: jenkins

Published: 2023-05-16T16:00:03.102Z

Updated: 2025-01-23T20:48:15.205Z

Reserved: 2023-05-16T10:55:43.518Z

Link: CVE-2023-32981

cve-icon Vulnrichment

Updated: 2024-08-02T15:32:46.622Z

cve-icon NVD

Status : Modified

Published: 2023-05-16T16:15:10.833

Modified: 2025-01-23T21:15:11.753

Link: CVE-2023-32981

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-05-16T00:00:00Z

Links: CVE-2023-32981 - Bugzilla