Vulnerabilities > Jenkins > P4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-11 | CVE-2021-21654 | Unspecified vulnerability in Jenkins P4 Jenkins P4 Plugin 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password. | 4.3 |
2021-05-11 | CVE-2021-21655 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins P4 A cross-site request forgery (CSRF) vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password. | 7.1 |
2020-03-09 | CVE-2020-2142 | Missing Authorization vulnerability in Jenkins P4 A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds. | 4.3 |
2020-03-09 | CVE-2020-2141 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins P4 A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add a labels in Perforce. | 4.3 |