Jenkins Plugin Security Advisory: RCE, XXE, CSRF Bypass (CVE-2021-21677-21681)
Security AdvisorySA-CORE-2021-005HighJenkins
Affected:
- Code Coverage Plugin <= 1.4.0
- SAML Plugin <= 2.0.7
- Microsoft Entra ID (previously Azure AD) Plugin <= 179.vf6841393099e
- Nested View Plugin <= 1.20
- Nomad Plugin <= 0.7.4
Fixed in:
- Code Coverage Plugin 1.4.1
- Microsoft Entra ID (previously Azure AD) Plugin 180.v8b1e80e6f242
- Nested View Plugin 1.21
- Nomad Plugin 0.7.5
- SAML Plugin 2.0.8
参照 CVE: CVE-2021-21677
文章内图片已隐藏以节省流量 · 升级 Pro 后可见图片及离线存档
本文由本平台从 www.jenkins.io 自动抓取,经 LLM 流水线清洗、双语翻译。版权归原作者。查看原文。