Total
248 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-21694 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| FilePath#toURI, FilePath#hasSymlink, FilePath#absolutize, FilePath#isDescendant, and FilePath#get*DiskSpace do not check any permissions in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier. | |||||
| CVE-2021-21693 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| When creating temporary files, agent-to-controller access to create those files is only checked after they've been created in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier. | |||||
| CVE-2021-21692 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| FilePath#renameTo and FilePath#moveAllChildrenTo in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier only check 'read' agent-to-controller access permission on the source path, instead of 'delete'. | |||||
| CVE-2021-21691 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Creating symbolic links is possible without the 'symlink' agent-to-controller access control permission in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier. | |||||
| CVE-2021-21690 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Agent processes are able to completely bypass file path filtering by wrapping the file operation in an agent file path in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier. | |||||
| CVE-2021-21689 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| FilePath#unzip and FilePath#untar were not subject to any agent-to-controller access control in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier. | |||||
| CVE-2021-21688 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The agent-to-controller security check FilePath#reading(FileVisitor) in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not reject any operations, allowing users to have unrestricted read access using certain operations (creating archives, FilePath#copyRecursiveTo). | |||||
| CVE-2021-21687 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not check agent-to-controller access to create symbolic links when unarchiving a symbolic link in FilePath#untar. | |||||
| CVE-2021-21686 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| File path filters in the agent-to-controller security subsystem of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier do not canonicalize paths, allowing operations to follow symbolic links to outside allowed directories. | |||||
| CVE-2021-21685 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not check agent-to-controller access to create parent directories in FilePath#mkdirs. | |||||
| CVE-2021-21683 | 2 Jenkins, Microsoft | 2 Jenkins, Windows | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| The file browser in Jenkins 2.314 and earlier, LTS 2.303.1 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing attackers with Overall/Read permission (Windows controller) or Job/Workspace permission (Windows agents) to obtain the contents of arbitrary files. | |||||
| CVE-2021-21682 | 2 Jenkins, Microsoft | 2 Jenkins, Windows | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Jenkins 2.314 and earlier, LTS 2.303.1 and earlier accepts names of jobs and other entities with a trailing dot character, potentially replacing the configuration and data of other entities on Windows. | |||||
| CVE-2021-21671 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 5.1 MEDIUM | 7.5 HIGH |
| Jenkins 2.299 and earlier, LTS 2.289.1 and earlier does not invalidate the previous session on login. | |||||
| CVE-2021-21670 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Jenkins 2.299 and earlier, LTS 2.289.1 and earlier allows users to cancel queue items and abort builds of jobs for which they have Item/Cancel permission even when they do not have Item/Read permission. | |||||
| CVE-2021-21640 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not properly check that a newly created view has an allowed name, allowing attackers with View/Create permission to create views with invalid or already-used names. | |||||
| CVE-2021-21639 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not validate the type of object created after loading the data submitted to the `config.xml` REST API endpoint of a node, allowing attackers with Computer/Configure permission to replace a node with one of a different type. | |||||
| CVE-2021-21615 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 3.5 LOW | 5.3 MEDIUM |
| Jenkins 2.275 and LTS 2.263.2 allows reading arbitrary files using the file browser for workspaces and archived artifacts due to a time-of-check to time-of-use (TOCTOU) race condition. | |||||
| CVE-2021-21611 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape display names and IDs of item types shown on the New Item page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to specify display names or IDs of item types. | |||||
| CVE-2021-21610 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not implement any restrictions for the URL rendering a formatted preview of markup passed as a query parameter, resulting in a reflected cross-site scripting (XSS) vulnerability if the configured markup formatter does not prohibit unsafe elements (JavaScript) in markup. | |||||
| CVE-2021-21609 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not correctly match requested URLs to the list of always accessible paths, allowing attackers without Overall/Read permission to access some URLs as if they did have Overall/Read permission. | |||||