Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1xNThqLWZoajctajZmZ84AAqj4
Path traversal vulnerability in Jenkins Subversion Plugin allows reading arbitrary files
Subversion Plugin 2.15.0 and earlier does not restrict the name of a file when looking up a subversion key file on the controller from an agent.
This allows attackers able to control agent processes to read arbitrary files on the Jenkins controller file system.
Subversion Plugin 2.15.1 checks for the presence of and prohibits directory separator characters as part of the file name, restricting it to the intended directory.
Permalink: https://github.com/advisories/GHSA-q58j-fhj7-j6fgJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1xNThqLWZoajctajZmZ84AAqj4
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: almost 2 years ago
Updated: 4 months ago
CVSS Score: 6.5
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Identifiers: GHSA-q58j-fhj7-j6fg, CVE-2021-21698
References:
- https://nvd.nist.gov/vuln/detail/CVE-2021-21698
- https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2506
- http://www.openwall.com/lists/oss-security/2021/11/04/3
- https://github.com/jenkinsci/subversion-plugin/commit/7d1525edea6641a2febd3f7deeac55c0a89b0d7e
- https://github.com/advisories/GHSA-q58j-fhj7-j6fg
Blast Radius: 1.0
Affected Packages
maven:org.jenkins-ci.plugins:subversion
Affected Version Ranges: <= 2.15.0Fixed in: 2.15.1