jenkins before versions 2.44, 2.32.2 is vulnerable to an improper blacklisting of the Pipeline metadata files in the agent-to-master security subsystem. This could allow metadata files to be written to by malicious agents (SECURITY-358).
Name | Vendor | Start Version | End Version |
---|---|---|---|
Jenkins | Jenkins | * | 2.32.2 (excluding) |
Jenkins | Jenkins | * | 2.44 (excluding) |