Vulnerabilities > Jenkins > S3 Publisher > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-05-11 CVE-2021-21650 Unspecified vulnerability in Jenkins S3 Publisher
Jenkins S3 publisher Plugin 0.11.6 and earlier does not perform Run/Artifacts permission checks in various HTTP endpoints and API models, allowing attackers with Item/Read permission to obtain information about artifacts uploaded to S3, if the optional Run/Artifacts permission is enabled.
network
low complexity
jenkins
4.3
2021-05-11 CVE-2021-21651 Unspecified vulnerability in Jenkins S3 Publisher
Jenkins S3 publisher Plugin 0.11.6 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to obtain the list of configured profiles.
network
low complexity
jenkins
4.3