CVE-2021-21633

EPSS 0.07% · P22 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-21633

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A cross-site request forgery (CSRF) vulnerability in Jenkins OWASP Dependency-Track Plugin 3.1.0 and earlier allows attackers to connect to an attacker-specified URL, capturing credentials stored in Jenkins.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Jenkins OWASP Dependency-Track 跨站请求伪造漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Dependency-Track是一套用于识别第三方组件风险的智能供应链组件分析平台。 Jenkins OWASP Dependency-Track Plugin 3.1.0 and earlier 存在跨站请求伪造漏洞，该漏洞允许攻击者连接到指定的URL，捕获存储在Jenkins中的凭证。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Jenkins project	Jenkins OWASP Dependency-Track Plugin	1.1.0 ~ unspecified	-

II. Public POCs for CVE-2021-21633

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-21633

请登录查看更多情报信息。

https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2250x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2021/03/30/1mailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2021-21633

Same Patch Batch · Jenkins project · 2021-03-30 · 11 CVEs total

CVE-2021-21638		Jenkins Team Foundation Server 跨站请求伪造漏洞
CVE-2021-21637		Jenkins Team Foundation Server 安全漏洞
CVE-2021-21636		Jenkins Team Foundation Server 安全漏洞
CVE-2021-21635		Jenkins REST List Parameter 跨站脚本漏洞
CVE-2021-21634		Jenkins Jabber (XMPP) notifier and control 安全漏洞
CVE-2021-21632		Dependency-Track 安全漏洞
CVE-2021-21631		Jenkins Cloud Statistics 安全漏洞
CVE-2021-21630		Jenkins Extra Columns 跨站脚本漏洞
CVE-2021-21629		Jenkins Build With Parameters Plugin 跨站请求伪造漏洞
CVE-2021-21628		Jenkins Parameterized Build 跨站脚本漏洞

IV. Related Vulnerabilities

Same product: Jenkins OWASP Dependency-Track Plugin

CVE-2021-21632
Dependency-Track 安全漏洞

Same vendor: Jenkins project

V. Comments for CVE-2021-21633

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-21633

I. Basic Information for CVE-2021-21633

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-21633

III. Intelligence Information for CVE-2021-21633

Same Patch Batch · Jenkins project · 2021-03-30 · 11 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-21633

Leave a comment