Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Jenkins Subscribe
Filtered by product Config Rotator
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-45388 1 Jenkins 1 Config Rotator 2022-11-17 N/A 7.5 HIGH
Jenkins Config Rotator Plugin 2.0.1 and earlier does not restrict a file name query parameter in an HTTP endpoint, allowing unauthenticated attackers to read arbitrary files with '.xml' extension on the Jenkins controller file system.