An information exposure vulnerability exists in Jenkins 2.153 and previous versions, LTS 2.138.3 and previous versions in DirectoryBrowserSupport.java that allows attackers with the ability to control build output to browse the file system on agents running builds beyond the duration of the build using the workspace browser.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jenkins jenkins |
||
redhat openshift container platform 3.11 |