CVE-2024-43044 Information

Description

Jenkins 2.470 and earlier LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the ClassLoaderProxyfetchJar method in the Remoting library.

Reference

https://www.jenkins.io/security/advisory/2024-08-07/#SECURITY-3430