CVE-2021-21682 - log back

CVE-2021-21682 edited at 07 Oct 2021 07:03:54
Remote
- Local
+ Remote
CVE-2021-21682 edited at 07 Oct 2021 07:02:37
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Directory traversal
Description
+ Jenkins 2.314 and earlier accepts names of jobs and other entities with a trailing dot character, potentially replacing the configuration and data of other entities on Windows.
References
+ https://www.jenkins.io/security/advisory/2021-10-06/#SECURITY-2424
Notes
CVE-2021-21682 created at 07 Oct 2021 07:01:43