CVE-2021-21641

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-21641

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-21641.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-21641

Aliases

GHSA-5cxw-8v65-76vf

Published

2021-04-07T14:15:17.093Z

Modified

2026-04-10T04:29:46.619164Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

A cross-site request forgery (CSRF) vulnerability in Jenkins promoted builds Plugin 3.9 and earlier allows attackers to to promote builds.

References

Affected packages

Git / github.com/jenkinsci/promoted-builds-plugin

Affected ranges

Type

GIT

Repo

https://github.com/jenkinsci/promoted-builds-plugin

Events

Introduced

Last affected

5b741e2a66e1863360e599763dd4a868ba8d96d8

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.9"
        }
    ]
}

Affected versions

promoted-builds-1.*

promoted-builds-1.11

promoted-builds-2.*

promoted-builds-2.0

promoted-builds-2.1

promoted-builds-2.10

promoted-builds-2.11

promoted-builds-2.12

promoted-builds-2.13

promoted-builds-2.14

promoted-builds-2.15

promoted-builds-2.16

promoted-builds-2.17

promoted-builds-2.18

promoted-builds-2.19

promoted-builds-2.2

promoted-builds-2.20

promoted-builds-2.21

promoted-builds-2.23

promoted-builds-2.23.1

promoted-builds-2.24

promoted-builds-2.24.1

promoted-builds-2.25

promoted-builds-2.26

promoted-builds-2.27

promoted-builds-2.28

promoted-builds-2.28.1

promoted-builds-2.29

promoted-builds-2.29.1

promoted-builds-2.3

promoted-builds-2.3.1

promoted-builds-2.30

promoted-builds-2.31

promoted-builds-2.31.1

promoted-builds-2.4

promoted-builds-2.5

promoted-builds-2.6

promoted-builds-2.6.1

promoted-builds-2.6.2

promoted-builds-2.7

promoted-builds-2.8

promoted-builds-2.9

promoted-builds-3.*

promoted-builds-3.0

promoted-builds-3.1

promoted-builds-3.2

promoted-builds-3.3

promoted-builds-3.4

promoted-builds-3.5

promoted-builds-3.6

promoted-builds-3.7

promoted-builds-3.9

Other

untagged-0514034a2dbca289d2ca

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-21641.json"