Security Advisory

CVE-2021-21688

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-11-04 16:30:28
Last updated 2024-08-03 18:23:28
Assigner jenkins
State PUBLISHED

Description

The agent-to-controller security check FilePath#reading(FileVisitor) in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not reject any operations, allowing users to have unrestricted read access using certain operations (creating archives, FilePath#copyRecursiveTo).