Security Advisory

CVE-2021-21683

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-06 22:10:13

Last updated 2024-08-03 18:23:28

Assigner jenkins

State PUBLISHED

Description

The file browser in Jenkins 2.314 and earlier, LTS 2.303.1 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing attackers with Overall/Read permission (Windows controller) or Job/Workspace permission (Windows agents) to obtain the contents of arbitrary files.

← Browse all CVEs View on cve.org ↗