The agent-to-controller security check FilePath#reading(FileVisitor) in Jenkins 2.318 and previous versions, LTS 2.303.2 and previous versions does not reject any operations, allowing users to have unrestricted read access using certain operations (creating archives, FilePath#copyRecursiveTo).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jenkins jenkins |