CVE-2021-21604
Summary
| CVE | CVE-2021-21604 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-01-13 16:15:00 UTC |
| Updated | 2023-10-25 18:16:00 UTC |
| Description | Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows attackers with permission to create or configure various objects to inject crafted content into Old Data Monitor that results in the instantiation of potentially unsafe objects once discarded by an administrator. |
Risk And Classification
Problem Types: CWE-502
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Jenkins Security Advisory 2021-01-13 | CONFIRM | www.jenkins.io | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 501021 Alpine Linux Security Update for jenkins
- 501586 Alpine Linux Security Update for jenkins
- 770050 Red Hat OpenShift Container Platform Security and Packages Update 4.6.17 (RHSA-2021:0423)
- 770051 Red Hat OpenShift Container Platform 4.5.33 Packages and Security Update (RHSA-2021:0429)
- 770099 Red Hat OpenShift Container Platform 4.5 Security Update (RHSA-2021-0429)
- 770122 Red Hat OpenShift Container Platform 4.6 Security Update (RHSA-2021-0423)