← back
CVE-2022-25204

CVE-2022-25204

EPSS 0.6%
Jenkins Doktor Plugin 0.4.1 and earlier implements functionality that allows agent processes to render files on the controller as Markdown or Asciidoc, and error messages allow attackers able to control agent processes to determine whether a file with a given name exists.
Affected products
Jenkins project · Jenkins Doktor Plugin

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2548