Jenkins Improper Link Resolution Before File Access (Link Following) Vulnerability - CVE-2021-21686 - Vulnerability Database

Jenkins Improper Link Resolution Before File Access (Link Following) Vulnerability - CVE-2021-21686

High
Reference: CVE-2021-21686
Title: Jenkins Improper Link Resolution Before File Access (Link Following) Vulnerability
Overview:

File path filters in the agent-to-controller security subsystem of Jenkins 2.318 and earlier LTS 2.303.2 and earlier do not canonicalize paths allowing operations to follow symbolic links to outside allowed directories.