AVG-2118 log
| Package | jenkins |
| Status | Fixed |
| Severity | High |
| Type | multiple issues |
| Affected | 2.299-1 |
| Fixed | 2.300-1 |
| Current | 2.455-1 [extra] |
| Ticket | None |
| Created | Thu Jul 1 09:37:13 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-21671 | High | Yes | Authentication bypass | Jenkins 2.299 and earlier does not invalidate the existing session on login. This allows attackers to use social engineering techniques to gain... |
| CVE-2021-21670 | Medium | Yes | Access restriction bypass | Jenkins 2.299 and earlier allows users to cancel queue items and abort builds of jobs for which they have Item/Cancel permission even when they do not have... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 01 Jul 2021 | ASA-202107-5 | jenkins | multiple issues |