VDB
CVE-2023-27903
CVE-2023-27903
PUBLISHED
Jenkins LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a file parameter through the CLI, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used.
EPSS 0.07% · 20.8th percentile
Risk Scores
EPSS Score
0.07%
20.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | jenkins | 0 |
| Bitnami | jenkins | 0 |
Timeline
- Mar 8, 2023 CVE Published
- Mar 9, 2023 EPSS Score
- Apr 17, 2023 EPSS Score
- May 26, 2023 EPSS Score
- Jul 4, 2023 EPSS Score
- Aug 12, 2023 EPSS Score
- Sep 19, 2023 EPSS Score
- Oct 28, 2023 EPSS Score
- Dec 6, 2023 EPSS Score
- Jan 14, 2024 EPSS Score
- Feb 22, 2024 EPSS Score
- Apr 1, 2024 EPSS Score