Lucene search
+L

10 matches found

vulnersosv
vulnersosv
added 2022/05/24 7:6 p.m.5 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1594 more potentially affected by CVE-2021-21671 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.28)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2021-21671 Source advisory: OSV:GHSA-4WR9-2XC6-JMG5...

7.5CVSS7.1AI score0.01706EPSS
Exploits0
redhat
redhat
added 2021/10/19 8:23 p.m.40 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.8.15 packages and security update

Red Hat OpenShift Container Platform release 4.8.15 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.8. Red Hat Product Security has rated this update as having a...

7.5CVSS6.7AI score0.06975EPSS
Exploits4References8
redhatcve
redhatcve
added 2021/09/24 7:13 p.m.49 views

CVE-2021-21671

Session fixation vulnerability was found in Jenkins. The existing session on login process are not invalidated and this allows an attacker to gain potentially additional access on Jenkins by using social engineering attack techniques on a target user...

7.5CVSS3.9AI score0.01706EPSS
Exploits0References4
openvas
openvas
added 2021/07/01 12:0 a.m.12 views

Jenkins < 2.289.2, < 2.300 Multiple Vulnerabilities - Windows

Jenkins is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6AI score0.01982EPSS
Exploits0References1
openvas
openvas
added 2021/07/01 12:0 a.m.18 views

Jenkins < 2.289.2, < 2.300 Multiple Vulnerabilities - Linux

Jenkins is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6AI score0.01982EPSS
Exploits0References1
archlinux
archlinux
added 2021/07/01 12:0 a.m.174 views

[ASA-202107-5] jenkins: multiple issues

Arch Linux Security Advisory ASA-202107-5 ========================================= Severity: High Date : 2021-07-01 CVE-ID : CVE-2021-21670 CVE-2021-21671 Package : jenkins Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2118 Summary ======= The package jenkins befo...

7.5CVSS1.1AI score0.01982EPSS
Exploits0References7
nvd
nvd
added 2021/06/30 5:15 p.m.17 views

CVE-2021-21671

Jenkins 2.299 and earlier, LTS 2.289.1 and earlier does not invalidate the previous session on login...

7.5CVSS0.01706EPSS
Exploits0References2
alpinelinux
alpinelinux
added 2021/06/30 5:15 p.m.35 views

CVE-2021-21671

Jenkins 2.299 and earlier, LTS 2.289.1 and earlier does not invalidate the previous session on login...

7.5CVSS2.8AI score0.01706EPSS
Exploits0
cve
cve
added 2021/06/30 4:45 p.m.212 views

CVE-2021-21671

CVE-2021-21671 affects Jenkins 2.299 and earlier (including LTS 2.289.1 and earlier), where the system does not invalidate the previous session on login, enabling session fixation. Exploitation could allow a remote attacker with social engineering to gain administrator access. Remediation: upgrad...

7.5CVSS7.3AI score0.01706EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2021/06/30 4:45 p.m.28 views

CVE-2021-21671

Jenkins 2.299 and earlier, LTS 2.289.1 and earlier does not invalidate the previous session on login...

7.6AI score0.01706EPSS
Exploits0References2
Rows per page
Query Builder