Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-21683

Опубликовано: 06 окт. 2021
Источник: debian
EPSS Низкий

Описание

The file browser in Jenkins 2.314 and earlier, LTS 2.303.1 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing attackers with Overall/Read permission (Windows controller) or Job/Workspace permission (Windows agents) to obtain the contents of arbitrary files.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
jenkinsremovedpackage

EPSS

Процентиль: 79%
0.01205
Низкий

Связанные уязвимости

nvd логотип

CVE-2021-21683

CVSS3: 6.5
nvd
больше 4 лет назад

The file browser in Jenkins 2.314 and earlier, LTS 2.303.1 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing attackers with Overall/Read permission (Windows controller) or Job/Workspace permission (Windows agents) to obtain the contents of arbitrary files.

github логотип

GHSA-4pw5-r58h-fv24

CVSS3: 6.5
github
больше 3 лет назад

Path traversal vulnerability on Windows in Jenkins

EPSS

Процентиль: 79%
0.01205
Низкий