CVE-2021-21606

Jenkins 2.274 and earlier, LTS 2.263.1 and earlier improperly validates the format of a provided fingerprint ID when checking for its existence allowing an attacker to check for the existence of XML files with a short path.
Configurations

Configuration 1

cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*
cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*

Information

Published : 2021-01-13 04:15

Updated : 2021-01-15 06:58


NVD link : CVE-2021-21606

Mitre link : CVE-2021-21606

Products Affected
No products.
CWE