FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

jenkins -- multiple vulnerabilities

Affected packages
jenkins < 2.300
jenkins-lts < 2.289.2

Details

VuXML ID 9d271bab-da22-11eb-86f0-94c691a700a6
Discovery 2021-06-30
Entry 2021-07-01

Jenkins Security Advisory:

Description

(Medium) SECURITY-2278 / CVE-2021-21670

Improper permission checks allow canceling queue items and aborting builds

(High) SECURITY-2371 / CVE-2021-21671

Session fixation vulnerability

References

CVE Name CVE-2021-21670
CVE Name CVE-2021-21671
URL https://www.jenkins.io/security/advisory/2021-06-30/