GHSA-5pv7-hx9m-8jh3, CVE-2022-29051
maven/org.jenkins-ci.plugins/publish-over-ftp
Missing Authorization
Missing permission checks in Jenkins Publish Over FTP Plugin 1.16 and earlier allow attackers with Overall/Read permission to connect to an FTP server using attacker-specified credentials.
All versions before 1.17
Upgrade to version 1.17 or above.
2022-05-06
source |