5 matches found
com.joelj.jenkins:ez-templates (=1.0.5), com.synopsys.jenkinsci:ownership (>=0.9.0 <=0.13.0) +12 more potentially affected by CVE-2021-21623 via org.jenkins-ci.plugins:matrix-auth (>=1.0 <=1.7)
org.jenkins-ci.plugins:matrix-auth MAVEN version =1.0, =0.9.0, =0.34, =1.535, =1.645, =0.1.1, =1.0, =2.4.0, =1.0-beta.2, =1.0, =2.0.0, =0.1, =1.0.21 Source cves: CVE-2021-21623 Source advisory: OSV:GHSA-96JW-3XW4-MQ9P...
Jenkins Enterprise and Operations Center < 2.222.43.0.3 rev2 / 2.249.30.0.3 rev2 / 2.277.1.2 rev2 Multiple Vulnerabilities (CloudBees Security Advisory 2021-03-18)
The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.222.x prior to 2.222.43.0.3 rev2, 2.249.x prior to 2.249.30.0.3 rev2, or 2.x prior to 2.277.1.2 rev2. It is, therefore, affected by multiple vulnerabilities, including the following: - An incorrec...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.8.2 packages and security update
Red Hat OpenShift Container Platform release 4.8.2 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.8. Red Hat Product Security has rated this update as having a security impact of...
CVE-2021-21623
An incorrect permission check in Jenkins Matrix Authorization Strategy Plugin 2.6.5 and earlier allows attackers with Item/Read permission on nested items to access them, even if they lack Item/Read permission for parent folders...
CVE-2021-21623
CVE-2021-21623: Jenkins Matrix Authorization Strategy Plugin 2.6.5 and earlier contains an incorrect permission check that lets users with Item/Read on nested items access those items, even if they lack Item/Read on the parent folders. The issue is documented across multiple sources (OSV, NVD, CN...