12 matches found
RHCOS 4 : OpenShift Container Platform 4.9.9 (RHSA-2021:4833)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4833 advisory. - jenkins: FilePathmkdirs does not check permission to create parent directories CVE-2021-21685 - jenkins: File path filters do not...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1594 more potentially affected by CVE-2021-21685 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.30)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2021-21685 Source advisory: OSV:GHSA-58XM-MXJF-254G...
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
The agent-to-controller security subsystem limits which files on the Jenkins controller can be accessed by agent processes. Multiple vulnerabilities in the file path filtering implementation of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allow agent processes to read and write arbitrary...
RHEL 8 : OpenShift Container Platform 4.6.51 (RHSA-2021:4799)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4799 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...
Important: Red Hat Security Advisory: OpenShift Container Platform 3.11.569 security update
Red Hat OpenShift Container Platform release 3.11.569 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score,...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.6.51 packages and security update
Red Hat OpenShift Container Platform release 4.6.51 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.8.22 security update
Red Hat OpenShift Container Platform release 4.8.22 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, whic...
Jenkins < 2.303.3, < 2.319 Multiple Vulnerabilities - Linux
Jenkins is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[ASA-202111-1] jenkins: multiple issues
Arch Linux Security Advisory ASA-202111-1 ========================================= Severity: Critical Date : 2021-11-05 CVE-ID : CVE-2021-21685 CVE-2021-21686 CVE-2021-21687 CVE-2021-21688 CVE-2021-21689 CVE-2021-21690 CVE-2021-21691 CVE-2021-21692 CVE-2021-21693 CVE-2021-21694 CVE-2021-21695...
FreeBSD : jenkins -- multiple vulnerabilities (2bf56269-90f8-4a82-b82f-c0e289f2a0dc)
Jenkins Security Advisory : DescriptionCritical SECURITY-2455 / CVE-2021-21685, CVE-2021-21686, CVE-2021-21687, CVE-2021-21688, CVE-2021-21689, CVE-2021-21690, CVE-2021-21691, CVE-2021-21692, CVE-2021-21693, CVE-2021-21694, CVE-2021-21695 Multiple vulnerabilities allow bypassing path filtering of...
CVE-2021-21685
Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not check agent-to-controller access to create parent directories in FilePathmkdirs...
CVE-2021-21685
CVE-2021-21685 affects Jenkins 2.318 and earlier (including LTS 2.303.2 and earlier). The issue: FilePath#mkdirs does not check permission to create parent directories, enabling agent processes to bypass agent-to-controller access control and potentially read/write files on the controller filesys...