KNIME directory traversal vulnerability

A directory traversal vulnerability exists in Knime, the Swiss company's enterprise software for putting data science workflows into production. knime stems from a failure of a networked system or product to properly filter special elements in a resource or file path, which could be exploited by ...

Privilege Escalation

jenkins is vulnerable to privilege escalation. An attacker can completely bypass file path filtering by wrapping the file operation in an agent file path...

Path Traversal

jenkins is vulnerable to path traversal. The file path filters do not canonicalize paths, allowing an attacker to follow symbolic links to outside allowed directories...

RHEL 7 : OpenShift Container Platform 3.11.569 (RHSA-2021:4827)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4827 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

jenkins: The operations FilePath#renameTo and FilePath#moveAllChildrenTo only check read permission on the source path

An incorrect permissions validation vulnerability was found in Jenkins. The operations FilePathrenameTo and FilePathmoveAllChildrenTo only check read permission on the source path which may allow an attacker who has access to these operations to be able to read and write to arbitrary files on the...

jenkins: File path filters do not canonicalize paths, allowing operations to follow symbolic links to outside allowed directories

A link following vulnerability was found in Jenkins. The file path filters do not canonicalize paths allowing operations to follow symbolic links to directories they are not supposed to have access to. This may allow an attacker to read and write arbitrary files on the Jenkins controller file...

jenkins: FilePath#toURI, FilePath#hasSymlink, FilePath#absolutize, FilePath#isDescendant, and FilePath#get*DiskSpace do not check any permissions

An incorrect permissions validation vulnerability was found in Jenkins. The FilePathtoURI, FilePathhasSymlink, FilePathabsolutize, FilePathisDescendant, and FilePathgetDiskSpace do not check any permissions, which may allow an attacker who has access to any of these operations to be able to read...

jenkins: FilePath#reading(FileVisitor) does not reject any operations allowing users to have unrestricted read access

An incorrect access restriction vulnerability was found in Jenkins. The FilePathreadingFileVisitor does not reject any operations giving users unrestricted read access with certain operations creating archives, copyRecursiveTo. This may allow an attacker to get access to restricted data...

jenkins: Agent processes are able to completely bypass file path filtering by wrapping the file operation in an agent file path

A file path filtering bypass vulnerability was found in Jenkins. Agent processes are able to completely bypass file path filtering by wrapping the file operation in an agent file path. This may allow an attacker who controls the agent process to get read and write access to arbitrary files on the...

jenkins: FilePath#unzip and FilePath#untar were not subject to any access control

An incorrect access control vulnerability was found in Jenkins. The FilePathunzip and FilePathuntar were not subjected to any access control. An attacker with access to FilePathunzip or FilePathuntar operations is able to read and write arbitrary files on the Jenkins controller file system...

jenkins: FilePath#toURI, FilePath#hasSymlink, FilePath#absolutize, FilePath#isDescendant, and FilePath#get*DiskSpace do not check any permissions

An incorrect permissions validation vulnerability was found in Jenkins. The FilePathtoURI, FilePathhasSymlink, FilePathabsolutize, FilePathisDescendant, and FilePathgetDiskSpace do not check any permissions, which may allow an attacker who has access to any of these operations to be able to read...

jenkins: The operations FilePath#renameTo and FilePath#moveAllChildrenTo only check read permission on the source path

An incorrect permissions validation vulnerability was found in Jenkins. The operations FilePathrenameTo and FilePathmoveAllChildrenTo only check read permission on the source path which may allow an attacker who has access to these operations to be able to read and write to arbitrary files on the...

jenkins: FilePath#untar does not check permission to create symbolic links when unarchiving a symbolic link

An incorrect permissions validation vulnerability was found in Jenkins. The FilePathuntar does not check permission to create symbolic links when unarchiving a symbolic link, which may allow an attacker to get read and write access to arbitrary files on the Jenkins controller file system...

jenkins: FilePath#mkdirs does not check permission to create parent directories

An incorrect permissions validation vulnerability was found in Jenkins. The FilePathmkdirs does not check permission to create parent directories, which may allow an attacker who controls the agent process to get read and write arbitrary files on the Jenkins controller file system...

jenkins: Agent processes are able to completely bypass file path filtering by wrapping the file operation in an agent file path

A file path filtering bypass vulnerability was found in Jenkins. Agent processes are able to completely bypass file path filtering by wrapping the file operation in an agent file path. This may allow an attacker who controls the agent process to get read and write access to arbitrary files on the...

jenkins: FilePath#toURI, FilePath#hasSymlink, FilePath#absolutize, FilePath#isDescendant, and FilePath#get*DiskSpace do not check any permissions

An incorrect permissions validation vulnerability was found in Jenkins. The FilePathtoURI, FilePathhasSymlink, FilePathabsolutize, FilePathisDescendant, and FilePathgetDiskSpace do not check any permissions, which may allow an attacker who has access to any of these operations to be able to read...

jenkins: The operations FilePath#renameTo and FilePath#moveAllChildrenTo only check read permission on the source path

An incorrect permissions validation vulnerability was found in Jenkins. The operations FilePathrenameTo and FilePathmoveAllChildrenTo only check read permission on the source path which may allow an attacker who has access to these operations to be able to read and write to arbitrary files on the...

jenkins: FilePath#unzip and FilePath#untar were not subject to any access control

An incorrect access control vulnerability was found in Jenkins. The FilePathunzip and FilePathuntar were not subjected to any access control. An attacker with access to FilePathunzip or FilePathuntar operations is able to read and write arbitrary files on the Jenkins controller file system...

jenkins: FilePath#reading(FileVisitor) does not reject any operations allowing users to have unrestricted read access

An incorrect access restriction vulnerability was found in Jenkins. The FilePathreadingFileVisitor does not reject any operations giving users unrestricted read access with certain operations creating archives, copyRecursiveTo. This may allow an attacker to get access to restricted data...

jenkins: File path filters do not canonicalize paths, allowing operations to follow symbolic links to outside allowed directories

A link following vulnerability was found in Jenkins. The file path filters do not canonicalize paths allowing operations to follow symbolic links to directories they are not supposed to have access to. This may allow an attacker to read and write arbitrary files on the Jenkins controller file...