Lucene search
GoogleOSV:CVE-2021-21639HistoryApr 07, 2021 - 2:15 p.m.
CVE-2021-21639
2021-04-0714:15:16
Google
osv.dev
5
Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not validate the type of object created after loading the data submitted to the config.xml REST API endpoint of a node, allowing attackers with Computer/Configure permission to replace a node with one of a different type.
Related
redhatcve
redhatcve
CVE-2021-21639
2021-04-07 17:15:59
osv
osv
BIT-jenkins-2021-21639
2024-03-06 11:02:13
Lack of type validation in agent related REST API in Jenkins
2022-05-24 17:46:47
nvd
nvd
CVE-2021-21639
2021-04-07 14:15:16
ubuntucve
ubuntucve
CVE-2021-21639
2021-04-07 00:00:00
github
github
Lack of type validation in agent related REST API in Jenkins
2022-05-24 17:46:47
prion
prion
Design/Logic Flaw
2021-04-07 14:15:00
veracode
veracode
Insecure Validation
2021-04-14 11:42:55
alpinelinux
alpinelinux
CVE-2021-21639
2021-04-07 14:15:16
cve
cve
CVE-2021-21639
2021-04-07 14:15:16
cvelist
cvelist
CVE-2021-21639
2021-04-07 13:50:13
freebsd
freebsd
jenkins -- multiple vulnerabilities
2021-04-07 00:00:00
openvas
openvas
Jenkins < 2.287, < 2.277.2 LTS Multiple Vulnerabilities - Windows
2022-08-29 00:00:00
Jenkins < 2.287, < 2.277.2 LTS Multiple Vulnerabilities - Linux
2022-08-29 00:00:00
nessus
nessus
FreeBSD : jenkins -- multiple vulnerabilities (9595d002-edeb-4602-be2d-791cd654247e)
2021-04-14 00:00:00
RHEL 7 / 8 : OpenShift Container Platform 4.7.11 (RHSA-2021:1551)
2021-05-20 00:00:00
Jenkins LTS < 2.277.2 / Jenkins weekly < 2.287 Multiple Vulnerabilities
2021-04-09 00:00:00
redhat
redhat