CVE-2018-1000175: Path Traversal

May 8, 2018 (updated June 13, 2018)

A path traversal vulnerability exists in the Jenkins HTML Publisher Plugin that allows attackers able to configure the HTML Publisher build step to override arbitrary files on the Jenkins master.

References

jenkins.io/security/advisory/2018-04-16/
nvd.nist.gov/vuln/detail/CVE-2018-1000175

Detect and mitigate CVE-2018-1000175 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →