CVE-2021-21602

Improper Link Resolution Before File Access in maven/org.jenkins-ci.main/jenkins-core

Identifiers

CVE-2021-21602

Package Slug

maven/org.jenkins-ci.main/jenkins-core

Vulnerability

Improper Link Resolution Before File Access

Description

Jenkins allows reading arbitrary files using the file browser for workspaces and archived artifacts by following symlinks.

Affected Versions

All versions after 2.263.1 up to 2.274

Solution

Unfortunately, there is no solution available yet.

Last Modified

2021-01-18

source