CVE-2023-27902

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2023-27902

Severity

4.3

Medium

CVSS CVSS_V3

Description

Jenkins 2.393 and earlier, LTS 2.375.3 and earlier shows temporary directories related to job workspaces, which allows attackers with Item/Workspace permission to access their contents.

References

https://images.chainguard.dev/security/CGA-f846-fggc-qm9g
https://github.com/advisories/GHSA-cj6r-8pxj-5jv6
https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-1807

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CVE-2023-27902

Severity

Description

References

Affected packages

Product

Solutions

Customers

Resources

Company