Description
FilePath#listFiles lists files outside directories that agents are allowed to access when following symbolic links in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier.
Remediation
References
Related Vulnerabilities
WordPress Plugin Ajax Search Lite Security Bypass (3.1)
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.7)
Oracle JRE CVE-2018-2618 Vulnerability (CVE-2018-2618)
MySQL CVE-2022-21483 Vulnerability (CVE-2022-21483)
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2042)