CVE-2021-21694 (jenkins)
FilePath#toURI, FilePath#hasSymlink, FilePath#absolutize, FilePath#isDescendant, and FilePath#get*DiskSpace do not check any…
FilePath#toURI, FilePath#hasSymlink, FilePath#absolutize, FilePath#isDescendant, and FilePath#get*DiskSpace do not check any…
FilePath#toURI, FilePath#hasSymlink, FilePath#absolutize, FilePath#isDescendant, and FilePath#get*DiskSpace do not check any…
When creating temporary files, agent-to-controller access to create those files…
When creating temporary files, agent-to-controller access to create those files…
FilePath#renameTo and FilePath#moveAllChildrenTo in Jenkins 2.318 and earlier, LTS 2.303.2…
FilePath#renameTo and FilePath#moveAllChildrenTo in Jenkins 2.318 and earlier, LTS 2.303.2…
Creating symbolic links is possible without the 'symlink' agent-to-controller access…
Creating symbolic links is possible without the 'symlink' agent-to-controller access…
Agent processes are able to completely bypass file path filtering…
FilePath#unzip and FilePath#untar were not subject to any agent-to-controller access…
FilePath#unzip and FilePath#untar were not subject to any agent-to-controller access…