CVE-2021-21693: Improper Authorization
(updated )
When creating temporary files, agent-to-controller access to create those files is only checked after they’ve been created in Jenkins.
References
Detect and mitigate CVE-2021-21693 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →