Vulnerabilities > Jenkins > P4 > 1.11.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-11 | CVE-2021-21654 | Unspecified vulnerability in Jenkins P4 Jenkins P4 Plugin 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password. | 4.3 |
| 2021-05-11 | CVE-2021-21655 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins P4 A cross-site request forgery (CSRF) vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password. | 7.1 |