CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

OSV•added 2024/03/06 11:0 a.m.•15 views

BIT-JENKINS-2021-21688

The agent-to-controller security check FilePathreadingFileVisitor in Jenkins LTS 2.303.2 and earlier does not reject any operations, allowing users to have unrestricted read access using certain operations creating archives, FilePathcopyRecursiveTo...

7.5CVSS8.2AI score0.00352EPSS

Exploits0References2

RedHat Linux•added 2021/12/02 6:37 p.m.•1 views

jenkins: FilePath#reading(FileVisitor) does not reject any operations allowing users to have unrestricted read access

An incorrect access restriction vulnerability was found in Jenkins. The FilePathreadingFileVisitor does not reject any operations giving users unrestricted read access with certain operations creating archives, copyRecursiveTo. This may allow an attacker to get access to restricted data...

7.5CVSS5.7AI score0.00352EPSS

Exploits0References5

RedHat Linux•added 2021/11/29 10:40 a.m.•2 views

jenkins: FilePath#reading(FileVisitor) does not reject any operations allowing users to have unrestricted read access

7.5CVSS5.7AI score0.00352EPSS

Exploits0References5

Prion•added 2021/11/04 5:15 p.m.•14 views

Design/Logic Flaw

The agent-to-controller security check FilePathreadingFileVisitor in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not reject any operations, allowing users to have unrestricted read access using certain operations creating archives, FilePathcopyRecursiveTo...

5CVSS8AI score0.00352EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by