CVE-2021-21686

Published: 2021-11-04T17:15Z

Last Modified: 2024-11-21T05:48Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

File path filters in the agent-to-controller security subsystem of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier do not canonicalize paths, allowing operations to follow symbolic links to outside allowed directories. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt