Vulnerabilities > Jenkins > Pwauth Security Realm > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-26 | CVE-2023-24449 | Path Traversal vulnerability in Jenkins Pwauth Security Realm 0.3/0.4 Jenkins PWauth Security Realm Plugin 0.4 and earlier does not restrict the names of files in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. | 4.3 |