8 matches found
BIT-JENKINS-2021-21688
The agent-to-controller security check FilePathreadingFileVisitor in Jenkins LTS 2.303.2 and earlier does not reject any operations, allowing users to have unrestricted read access using certain operations creating archives, FilePathcopyRecursiveTo...
The vulnerability of the FilePath#reading(FileVisitor) component in the Jenkins automation server allows a malicious actor to have unlimited access to read files by using certain operations.
The vulnerability of the FilePathreadingFileVisitor component in Jenkins automation servers is related to the absence of authentication procedures. Exploiting this vulnerability allows a malicious actor to gain unlimited access to files by performing certain operations...
Privilege Escalation
jenkins is vulnerable to privilege escalation. The FilePathreading does not reject any operations, allowing an attacker to have unrestricted read access, using a specific procedure...
jenkins: FilePath#reading(FileVisitor) does not reject any operations allowing users to have unrestricted read access
An incorrect access restriction vulnerability was found in Jenkins. The FilePathreadingFileVisitor does not reject any operations giving users unrestricted read access with certain operations creating archives, copyRecursiveTo. This may allow an attacker to get access to restricted data...
jenkins: FilePath#reading(FileVisitor) does not reject any operations allowing users to have unrestricted read access
An incorrect access restriction vulnerability was found in Jenkins. The FilePathreadingFileVisitor does not reject any operations giving users unrestricted read access with certain operations creating archives, copyRecursiveTo. This may allow an attacker to get access to restricted data...
jenkins: FilePath#reading(FileVisitor) does not reject any operations allowing users to have unrestricted read access
An incorrect access restriction vulnerability was found in Jenkins. The FilePathreadingFileVisitor does not reject any operations giving users unrestricted read access with certain operations creating archives, copyRecursiveTo. This may allow an attacker to get access to restricted data...
CVE-2021-21688
The agent-to-controller security check FilePathreadingFileVisitor in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not reject any operations, allowing users to have unrestricted read access using certain operations creating archives, FilePathcopyRecursiveTo...
Jenkins 安全漏洞
Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins that stems from an agent-to-controller security check FilePathreadingFileVisit...