6 matches found
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1594 more potentially affected by CVE-2021-21670 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.28)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2021-21670 Source advisory: OSV:GHSA-Q4WP-8C99-69PW...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.8.15 packages and security update
Red Hat OpenShift Container Platform release 4.8.15 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.8. Red Hat Product Security has rated this update as having a...
[ASA-202107-5] jenkins: multiple issues
Arch Linux Security Advisory ASA-202107-5 ========================================= Severity: High Date : 2021-07-01 CVE-ID : CVE-2021-21670 CVE-2021-21671 Package : jenkins Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2118 Summary ======= The package jenkins befo...
Jenkins < 2.289.2, < 2.300 Multiple Vulnerabilities - Windows
Jenkins is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Jenkins < 2.289.2, < 2.300 Multiple Vulnerabilities - Linux
Jenkins is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2021-21670
Summary: CVE-2021-21670 affects Jenkins 2.299 and earlier (including LTS 2.289.1 and earlier). The flaw is an improper permission check that allows canceling queue items and aborting builds for which the user has Item/Cancel permission but not Item/Read. Root cause: insufficient access-control va...