AVG-2118 log
Package | jenkins |
Status | Fixed |
Severity | High |
Type | multiple issues |
Affected | 2.299-1 |
Fixed | 2.300-1 |
Current | 2.485-1 [extra] |
Ticket | None |
Created | Thu Jul 1 09:37:13 2021 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2021-21671 | High | Yes | Authentication bypass | Jenkins 2.299 and earlier does not invalidate the existing session on login. This allows attackers to use social engineering techniques to gain... |
CVE-2021-21670 | Medium | Yes | Access restriction bypass | Jenkins 2.299 and earlier allows users to cancel queue items and abort builds of jobs for which they have Item/Cancel permission even when they do not have... |
Date | Advisory | Package | Type |
---|---|---|---|
01 Jul 2021 | ASA-202107-5 | jenkins | multiple issues |