CVE-2018-1999002 - log back

CVE-2018-1999002 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary filesystem access
Description
+ An arbitrary file read vulnerability in the Stapler web framework used by Jenkins before 2.133 allowed unauthenticated users to send crafted HTTP requests returning the contents of any file on the Jenkins master file system that the Jenkins master process has access to.
References
+ https://jenkins.io/security/advisory/2018-07-18/
Notes