Home

CVE-2018-1000175

Description

A path traversal vulnerability exists in Jenkins HTML Publisher Plugin 1.15 and older in HtmlPublisherTarget.java that allows attackers able to configure the HTML Publisher build step to override arbitrary files on the Jenkins master.

Risk Information

Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
0.342

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2018-1000175 are fixed in Jenkins - htmlpublisher 1.16Windows
Vulnerabilities CVE-2018-1000175 are fixed in Jenkins - htmlpublisher for Linux 1.16Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234