CVE-2020-2139
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-2139
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-2139.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-2139
- Aliases
- Published
- 2020-03-09T16:15:13Z
- Modified
- 2024-09-03T03:21:30.277895Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
An arbitrary file write vulnerability in Jenkins Cobertura Plugin 1.15 and earlier allows attackers able to control the coverage report file contents to overwrite any file on the Jenkins master file system.
- References
Affected packages
Git / github.com/jenkinsci/cobertura-plugin
Affected ranges
- Type
- GIT
- Repo
- https://github.com/jenkinsci/cobertura-plugin
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
cobertura-1.*
cobertura-1.1
cobertura-1.10
cobertura-1.12
cobertura-1.12.1
cobertura-1.13
cobertura-1.14
cobertura-1.15
cobertura-1.2
cobertura-1.3
cobertura-1.4
cobertura-1.5
cobertura-1.6
cobertura-1.7
cobertura-1.7.1
cobertura-1.8
cobertura-1.9
cobertura-1.9.1
cobertura-1.9.2
cobertura-1.9.3
cobertura-1.9.4
cobertura-1.9.5
cobertura-1.9.6
cobertura-1.9.7
cobertura-1.9.8