CVE-2021-21689

CVSS v3.1 9.1 (Critical)

CVSS v2.0 6.4 (Medium)

EPSS 0.17 % (54^th)

Affected Products 1

Advisories 4

FilePath#unzip and FilePath#untar were not subject to any agent-to-controller access control in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier.

		CPE23	From	Up To
	Jenkins prior 2.303.3 version	cpe:2.3:a:jenkins:jenkins::::*:lts		< 2.303.3
	Jenkins prior 2.319 version	cpe:2.3:a:jenkins:jenkins::::*:-		< 2.319