The agent-to-controller security subsystem limits which files on the Jenkins controller can be accessed by agent processes.
Multiple vulnerabilities in the file path filtering implementation of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allow a…
[org.jenkins-ci.main:jenkins-core] Protection Mechanism Failure in Jenkins
Agent processes are able to completely bypass file path filtering by wrapping the file operation in an agent file path in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-21690
https://www.jenkin…
[org.jenkins-ci.main:jenkins-core] Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
The agent-to-controller security subsystem limits which files on the Jenkins controller can be accessed by agent processes.
Multiple vulnerabilities in the file path filtering implementation of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allow a…
[org.jenkins-ci.main:jenkins-core] Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
The agent-to-controller security subsystem limits which files on the Jenkins controller can be accessed by agent processes.
Multiple vulnerabilities in the file path filtering implementation of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allow a…
[org.jenkins-ci.plugins:subversion] Path traversal vulnerability in Jenkins Subversion Plugin allows reading arbitrary files
Subversion Plugin 2.15.0 and earlier does not restrict the name of a file when looking up a subversion key file on the controller from an agent.
This allows attackers able to control agent processes to read arbitrary files on the Jenkins controller fil…
[org.jenkins-ci.main:jenkins-core] Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
The agent-to-controller security subsystem limits which files on the Jenkins controller can be accessed by agent processes.
Multiple vulnerabilities in the file path filtering implementation of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allow a…
[org.jenkins-ci.main:jenkins-core] Agent-to-controller access control allowed writing to sensitive directory used by Jenkins Pipeline: Shared Groovy Libraries Plugin
Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not limit agent read/write access to the libs/ directory inside build directories when using the FilePath APIs. This directory is used by the Pipeline: Shared Groovy Libraries Plugin to store copi…
[org.jenkins-ci.main:jenkins-core] Agent-to-controller access control allows reading/writing most content of build directories in Jenkins
Agents are allowed some limited access to files on the Jenkins controller file system. The directories agents are allowed to access in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier include the directories storing build-related information, intende…
[camaleon_cms] Camaleon CMS vulnerable to Uncaught Exception
In Camaleon CMS, versions 2.0.1 through 2.6.0 are vulnerable to an Uncaught Exception. The app’s media upload feature crashes permanently when an attacker with a low privileged access uploads a specially crafted .svg file.
References
https://nvd.nist….
[camaleon_cms] Camaleon CMS vulnerable to Server-Side Request Forgery
In Camaleon CMS, versions 2.1.2.0 through 2.6.0, are vulnerable to Server-Side Request Forgery (SSRF) in the media upload feature, which allows admin users to fetch media files from external URLs but fails to validate URLs referencing to localhost or o…