CVE-2021-21602

Summary

Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows reading arbitrary files using the file browser for workspaces and archived artifacts by following symlinks.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkinsunspecified <= 2.274affected
Jenkins projectJenkinsunspecified <= LTS 2.263.1affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References