
Path traversal vulnerability in Blue Ocean Plugin

Moderate severity GitHub Reviewed Published May 24, 2022 to the GitHub Advisory Database • Updated Dec 14, 2023

Package

io.jenkins.blueocean:blueocean (Maven)

Affected versions

<= 1.23.2

Patched versions

1.23.3

Description

Blue Ocean Plugin 1.23.2 and earlier provides an undocumented feature flag, blueocean.features.GIT_READ_SAVE_TYPE, that, when set to the value clone, allows an attacker with either Item/Configure or Item/Create permission to read arbitrary files on the Jenkins controller file system.

Blue Ocean Plugin 1.23.3 no longer includes this feature and redirects existing usage to a safer alternative.
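The advisory states three conditions that must hold together: an affected plugin version (1.23.2 or earlier), the feature flag set to clone, and an attacker holding Item/Configure or Item/Create. The following audit script is an added example, not part of the advisory or of the Blue Ocean project; it evaluates the first two conditions from a plugin inventory shaped like the output of Jenkins' /pluginManager/api/json?depth=1 endpoint and from a mapping of JVM system properties. That the flag is read from a system property is an assumption (the advisory only names the flag), and both inputs below are constructed sample data so the check runs offline.

```python
"""Audit a Jenkins controller for CVE-2020-2254 exposure.

Added example, not code from the advisory or the Blue Ocean project.
Assumptions: the inventory has the shape of /pluginManager/api/json?depth=1
(a "plugins" list with "shortName" and "version"), and the feature flag is
a JVM system property. Sample inputs below are constructed.
"""
import json
import re

PLUGIN = "blueocean"
FLAG = "blueocean.features.GIT_READ_SAVE_TYPE"
UNSAFE_VALUE = "clone"
FIRST_FIXED = "1.23.3"  # first patched release per the advisory


def version_key(version: str):
    """Turn '1.23.2' or '1.23.3-beta' into a comparable key.

    Numeric components compare numerically and are padded to three parts so
    '1.23' == '1.23.0'. Any non-numeric suffix is ranked below the plain
    release with the same numbers, so a pre-release of the fixed version is
    conservatively treated as still affected.
    """
    m = re.match(r"^(\d+(?:\.\d+)*)(.*)$", version.strip())
    if not m:
        raise ValueError(f"unparseable version: {version!r}")
    nums = tuple(int(p) for p in m.group(1).split("."))
    nums = nums + (0,) * (3 - len(nums))
    pre_release = bool(m.group(2))
    return nums, 0 if pre_release else 1


def installed_version(inventory: dict, short_name: str = PLUGIN):
    """Return the version string of the named plugin, or None if not installed."""
    for plugin in inventory.get("plugins", []):
        if plugin.get("shortName") == short_name:
            return plugin.get("version")
    return None


def assess(inventory: dict, system_properties: dict) -> dict:
    """Evaluate the version and flag conditions from the advisory.

    verdict is 'vulnerable' when the version is <= 1.23.2 and the flag is set
    to clone, 'update' when the version is affected but the flag is not set
    that way (the flag could be set later, so the plugin still needs
    updating), and 'ok' otherwise. The flag value is compared
    case-insensitively, erring on the side of flagging.
    """
    version = installed_version(inventory)
    affected = version is not None and version_key(version) < version_key(FIRST_FIXED)
    flag_value = system_properties.get(FLAG)
    flag_unsafe = flag_value is not None and flag_value.strip().lower() == UNSAFE_VALUE
    if affected and flag_unsafe:
        verdict = "vulnerable"
    elif affected:
        verdict = "update"
    else:
        verdict = "ok"
    return {
        "version": version,
        "affected_version": affected,
        "flag_value": flag_value,
        "flag_unsafe": flag_unsafe,
        "verdict": verdict,
    }


# Constructed sample inventory in the shape of /pluginManager/api/json?depth=1.
SAMPLE_INVENTORY = json.loads("""
{"plugins": [
  {"shortName": "git", "version": "4.4.5", "active": true, "enabled": true},
  {"shortName": "blueocean", "version": "1.23.2", "active": true, "enabled": true}
]}
""")

# Constructed sample of JVM system properties on the controller.
SAMPLE_PROPERTIES = {
    "java.version": "11.0.8",
    "blueocean.features.GIT_READ_SAVE_TYPE": "clone",
}

if __name__ == "__main__":
    print(json.dumps(assess(SAMPLE_INVENTORY, SAMPLE_PROPERTIES), indent=2))
```

In a real audit, feed the script the JSON fetched from the controller's plugin manager endpoint and the property list from its system information page; the third condition, which users hold Item/Configure or Item/Create, is a separate authorization review that this check does not perform.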

References

Published by the National Vulnerability Database Sep 16, 2020
Published to the GitHub Advisory Database May 24, 2022
Reviewed Dec 29, 2022
Last updated Dec 14, 2023

Severity

Moderate
5.3 / 10

CVSS base metrics

Attack vector
Network
Attack complexity
High
Privileges required
Low
User interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Weaknesses

CVE ID

CVE-2020-2254

GHSA ID

GHSA-vq7j-6pcq-f48p
