VYPR
Moderate severityNVD Advisory· Published Nov 27, 2024· Updated Nov 27, 2024

CVE-2024-54004

CVE-2024-54004

Description

Jenkins Filesystem List Parameter Plugin 0.0.14 and earlier does not restrict the path used for the File system objects list Parameter, allowing attackers with Item/Configure permission to enumerate file names on the Jenkins controller file system.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
aendter.jenkins.plugins:filesystem-list-parameter-pluginMaven
< 0.0.150.0.15

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

1