Lucene search
China National Vulnerability DatabaseCNVD-2021-103091HistoryNov 06, 2021 - 12:00 a.m.
Jenkins Subversion Plugin Path Traversal Vulnerability
2021-11-0600:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
jenkins
subversion
plugin
path traversal
vulnerability
automation
server
controller
agent
sensitive information
exploit
EPSS
0.004
Percentile
72.7%
Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Subversion Plugin in version 2.15.0 and earlier has a path traversal vulnerability that stems from the fact that Jenkins Subversion Plugin does not restrict the file name when looking up a controller from an agent on subversion key file from the agent without restricting the filename. An attacker could exploit this vulnerability to obtain sensitive information.
Related
osv
osv
Path traversal vulnerability in Jenkins Subversion Plugin allows reading arbitrary files
2022-05-24 19:19:43
CVE-2021-21698
2021-11-04 17:15:08
prion
prion
Code injection
2021-11-04 17:15:00
cvelist
cvelist
CVE-2021-21698
2021-11-04 16:30:44
redhatcve
redhatcve
CVE-2021-21698
2021-11-04 18:56:22
veracode
veracode
Information Disclosure
2021-12-08 00:41:06
nvd
nvd
CVE-2021-21698
2021-11-04 17:15:08
cve
cve
CVE-2021-21698
2021-11-04 17:15:08
github
github
redhat
redhat
nessus
nessus
FreeBSD : jenkins -- multiple vulnerabilities (2bf56269-90f8-4a82-b82f-c0e289f2a0dc)
2021-11-05 00:00:00
RHEL 8 : OpenShift Container Platform 4.7.38 (RHSA-2021:4801)
2021-12-02 00:00:00
Jenkins LTS < 2.303.3 / Jenkins weekly < 2.319 Multiple Vulnerabilities
2021-11-04 00:00:00
freebsd
freebsd
jenkins -- multiple vulnerabilities
2021-11-04 00:00:00