CVE-2023-32981 org.jenkins-ci.plugins:pipeline-utility-steps

Package

Manager: maven
Name: org.jenkins-ci.plugins:pipeline-utility-steps
Vulnerable Version: >=0 <2.15.3

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

EPSS: 0.00765 (percentile 0.72538)

Details

Jenkins Pipeline Utility Steps Plugin arbitrary file write vulnerability

Jenkins Pipeline Utility Steps Plugin provides the `untar` and `unzip` Pipeline steps to extract archives into job workspaces. Pipeline Utility Steps Plugin 2.15.2 and earlier does not validate or limit file paths of files contained within these archives. This allows attackers able to provide crafted archives as parameters to create or replace arbitrary files on the agent file system with attacker-specified content. Pipeline Utility Steps Plugin 2.15.3 rejects extraction of files in `tar` and `zip` archives that would be placed outside the expected destination directory.
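The check that the 2.15.3 fix describes (refuse any archive entry whose resolved path lands outside the destination directory) is small enough to show in full. The following is an added example written for this page, not the plugin's own Java code: it builds a benign and a traversal-style `zip` and `tar` in memory (constructed test data), validates every entry against the destination before writing anything, and additionally refuses tar link entries, since a symlink pointing outside the destination followed by a file written through it is a second way past a path-only check.

```python
"""Archive extraction that refuses entries escaping the destination directory.

Added example (not the plugin's code). It mirrors the behaviour described for
Pipeline Utility Steps 2.15.3: every entry's resolved target must stay inside
the destination directory, otherwise the whole archive is rejected.
Archive contents are constructed in memory for the demonstration.
"""
import io
import tarfile
import tempfile
import zipfile
from pathlib import Path


class UnsafeArchiveEntry(ValueError):
    """Raised for an entry that would be written outside the destination."""


def resolve_inside(dest: Path, member_name: str) -> Path:
    """Return the absolute path an entry would be written to, or raise.

    resolve() collapses '..' segments; joining an absolute member name such as
    '/etc/passwd' onto dest yields that absolute path, so it is caught too.
    """
    dest = dest.resolve()
    target = (dest / member_name).resolve()
    if target != dest and dest not in target.parents:
        raise UnsafeArchiveEntry(f"entry {member_name!r} escapes {dest}")
    return target


def safe_unzip(data: bytes, dest: Path) -> list[str]:
    """Extract a zip into dest; reject the whole archive on any bad entry."""
    written: list[str] = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        infos = zf.infolist()
        # Validate every entry before writing anything, so a hostile archive
        # cannot land its benign entries on disk before the bad one is seen.
        targets = [resolve_inside(dest, i.filename) for i in infos]
        for info, target in zip(infos, targets):
            if info.is_dir():
                target.mkdir(parents=True, exist_ok=True)
                continue
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(zf.read(info))
            written.append(info.filename)
    return written


def safe_untar(data: bytes, dest: Path) -> list[str]:
    """Extract a tar into dest; reject links, specials and escaping entries."""
    written: list[str] = []
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tf:
        members = tf.getmembers()
        for m in members:
            if m.issym() or m.islnk():
                raise UnsafeArchiveEntry(f"link entry {m.name!r} not allowed")
            if not (m.isfile() or m.isdir()):
                raise UnsafeArchiveEntry(f"special entry {m.name!r} not allowed")
        targets = [resolve_inside(dest, m.name) for m in members]
        for m, target in zip(members, targets):
            if m.isdir():
                target.mkdir(parents=True, exist_ok=True)
                continue
            target.parent.mkdir(parents=True, exist_ok=True)
            with tf.extractfile(m) as src:
                target.write_bytes(src.read())
            written.append(m.name)
    return written


def build_zip(entries: dict[str, bytes]) -> bytes:
    """Constructed test archive; writestr() does not sanitise entry names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
    return buf.getvalue()


def build_tar(entries: dict[str, bytes]) -> bytes:
    """Constructed test archive with arbitrary entry names."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        for name, content in entries.items():
            info = tarfile.TarInfo(name)
            info.size = len(content)
            tf.addfile(info, io.BytesIO(content))
    return buf.getvalue()


def demo() -> dict[str, object]:
    """Benign archives extract; traversal archives are rejected, nothing written."""
    benign = {"build/report.txt": b"ok\n", "build/sub/notes.md": b"# notes\n"}
    hostile = {"build/report.txt": b"ok\n", "../outside.txt": b"not yours\n"}
    out: dict[str, object] = {}
    with tempfile.TemporaryDirectory() as tmp:
        dest = Path(tmp) / "workspace"
        dest.mkdir()
        out["zip_benign"] = safe_unzip(build_zip(benign), dest)
        out["tar_benign"] = safe_untar(build_tar(benign), dest)
        out["report"] = (dest / "build" / "report.txt").read_bytes()
        for label, fn, data in (("zip_hostile", safe_unzip, build_zip(hostile)),
                                ("tar_hostile", safe_untar, build_tar(hostile))):
            try:
                fn(data, dest)
                out[label] = "extracted"
            except UnsafeArchiveEntry:
                out[label] = "rejected"
        out["outside_written"] = (Path(tmp) / "outside.txt").exists()
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Validating all entries before writing any is deliberate: an extractor that checks each entry as it goes still leaves the archive's earlier, benign-looking files in the workspace when a later entry trips the check, which makes the rejection harder to notice in a build log. The same two-pass shape applies to any extraction step that accepts user-supplied archives.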

Metadata

Created: 2023-05-16T18:30:16Z
Modified: 2023-05-17T02:59:30Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/05/GHSA-6987-xccv-fhjp/GHSA-6987-xccv-fhjp.json
CWE IDs: ["CWE-787"]
Alternative ID: GHSA-6987-xccv-fhjp
Finding: F111
Auto approve: 1