Trung Pham

**Name of the Vulnerable Software and Affected Versions** Jenkins Sidebar Link Plugin versions 2.2.1 and earlier **Description** The issue allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. This is due to the plugin not restricting the path of files in a method implementing form validation. The plugin allows specifying files in the `userContent/` directory for use as link icons. **Recommendations** For Jenkins Sidebar Link Plugin versions 2.2.1 and earlier, update to version 2.2.2 or later to ensure that only files located within the expected `userContent/` directory can be accessed.

**Name of the Vulnerable Software and Affected Versions** Jenkins File Parameter Plugin versions 285.v757c5b 67a c25 and earlier **Description** The issue allows attackers with Item/Configure permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content. This is due to the lack of restriction on the name and resulting uploaded file name of Stashed File Parameters. **Recommendations** For versions 285.v757c5b 67a c25 and earlier, update to a version that restricts the name of Stashed File Parameters, such as version 285.287.v4b 7b 29d3469d, to prevent attackers from creating or replacing arbitrary files on the Jenkins controller file system.

**Name of the Vulnerable Software and Affected Versions** Jenkins LoadComplete support Plugin versions 1.0 and earlier **Description** The issue is related to a stored cross-site scripting (XSS) vulnerability. This occurs because the LoadComplete test name is not properly escaped, allowing attackers with Item/Configure permission to exploit this weakness. The vulnerability is present in the test result page. **Recommendations** For Jenkins LoadComplete support Plugin versions 1.0 and earlier: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 112 Focus for Android versions prior to 112 Firefox ESR versions prior to 102.10 Firefox for Android versions prior to 112 Thunderbird versions prior to 102.10 **Description** The issue arises from improper handling of the filename directive in the Content-Disposition header, specifically when the filename contains a NULL character, leading to filename truncation. This could facilitate reflected file download attacks, potentially tricking users into installing malware. **Recommendations** For Firefox versions prior to 112, update to version 112 or later. For Focus for Android versions prior to 112, update to version 112 or later. For Firefox ESR versions prior to 102.10, update to version 102.10 or later. For Firefox for Android versions prior to 112, update to version 112 or later. For Thunderbird versions prior to 102.10, update to version 102.10 or later.

**Nome do software vulnerável e versões afetadas** Versões do Spring-integration-zip anteriores à 1.0.4 **Descrição** A vulnerabilidade permite a gravação arbitrária de arquivos, o que pode ser feito usando um arquivo zip especialmente criado, bem como outros formatos de arquivo, como bzip2, tar, xz, war, cpio e 7z. Esses arquivos podem conter nomes de arquivos que permitem a traversal de caminho. Quando o nome do arquivo é concatenado ao diretório de extração de destino, o caminho final pode acabar fora da pasta de destino. **Recomendações** Para versões do Spring-integration-zip anteriores à 1.0.4, atualize para a versão 1.0.4 ou posterior para resolver o problema. Como solução temporária, considere restringir o uso de arquivos zip e outros tipos de arquivos afetados até que a atualização seja aplicada. Evite usar a funcionalidade de extração zip vulnerável nas versões afetadas até que o problema seja resolvido.