AVG-1781 log
Package | jenkins |
Status | Fixed |
Severity | Medium |
Type | insufficient validation |
Affected | 2.286-1 |
Fixed | 2.287-1 |
Current | 2.491-1 [extra] |
Ticket | None |
Created | Wed Apr 7 17:03:05 2021 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2021-21640 | Medium | Yes | Insufficient validation | Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not properly check that a newly created view has an allowed name, allowing attackers with... |
CVE-2021-21639 | Medium | Yes | Insufficient validation | Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not validate the type of object created after loading the data submitted to the config.xml REST API... |