Exploits released for critical Jenkins RCE flaw, patch now
January 28, 2024 at 12:17PM Multiple proof-of-concept (PoC) exploits for a critical Jenkins vulnerability allowing unauthenticated attackers to access arbitrary files have been made public. SonarSource discovered two flaws, one granting unauthorized file reading and the other enabling arbitrary command execution. Jenkins released fixes with advisory and PoCs have been created, with reported active attacks. … Read more