AVG-1781 log
| Package | jenkins |
| Status | Fixed |
| Severity | Medium |
| Type | insufficient validation |
| Affected | 2.286-1 |
| Fixed | 2.287-1 |
| Current | 2.539-1 [extra] |
| Ticket | None |
| Created | Wed Apr 7 17:03:05 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-21640 | Medium | Yes | Insufficient validation | Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not properly check that a newly created view has an allowed name, allowing attackers with... |
| CVE-2021-21639 | Medium | Yes | Insufficient validation | Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not validate the type of object created after loading the data submitted to the config.xml REST API... |