A command execution vulnerability exists in Jenkins Absint Astree Plugin 1.0.5 and older in AstreeBuilder.java that allows attackers with Overall/Read access to execute a command on the Jenkins master.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Absint_astree | Jenkins | * | 1.0.5 (including) |