Jenkins Plugin Permission Bypass and CSRF Vulnerabilities (CVE-2021-21623/21624/21625/21626/21627)
Security AdvisorySECURITY-2180MediumJenkins
Affected:
- Matrix Authorization Strategy Plugin up to and including 2.6.5
- Role-based Authorization Strategy Plugin up to and including 3.1
- AWS Credentials Plugin up to and including 1.28
- Warnings Plugin up to and including 8.4.4
- Libvirt Agents Plugin up to and including 1.9.0
参照 CVE: CVE-2021-21626
文章内图片已隐藏以节省流量 · 升级 Pro 后可见图片及离线存档
本文由本平台从 www.jenkins.io 自动抓取,经 LLM 流水线清洗、双语翻译。版权归原作者。查看原文。