VDB
BIT-jenkins-2021-21686
BIT-jenkins-2021-21686
PUBLISHED
CVSS 8.100000381469727 HIGH
File path filters in the agent-to-controller security subsystem of Jenkins LTS 2.303.2 and earlier do not canonicalize paths, allowing operations to follow symbolic links to outside allowed directories.
Risk Scores
CVSS 3.1
8.100000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | jenkins | 0, 0, 0 |
Timeline
- Mar 6, 2024 CVE Published
- Apr 3, 2025 CVE Updated