CVE-2021-21606
maven/org.jenkins-ci.main/jenkins-core
Improper Input Validation
Jenkins improperly validates the format of a provided fingerprint ID when checking for its existence allowing an attacker to check for the existence of XML files with a short path.
All versions after 2.263.1 up to 2.274
Unfortunately, there is no solution available yet.
2021-01-18
source |