Jenkins P4 vulnerabilities
4 known vulnerabilities affecting jenkins/p4.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2021-21655HIGHCVSS 7.1≤ 1.11.42021-05-11
CVE-2021-21655 [HIGH] CWE-352 CVE-2021-21655: A cross-site request forgery (CSRF) vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows att
A cross-site request forgery (CSRF) vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password.
nvd
CVE-2021-21654MEDIUMCVSS 4.3≤ 1.11.42021-05-11
CVE-2021-21654 [MEDIUM] CVE-2021-21654: Jenkins P4 Plugin 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints,
Jenkins P4 Plugin 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password.
nvd
CVE-2020-2142MEDIUMCVSS 4.3≤ 1.10.102020-03-09
CVE-2020-2142 [MEDIUM] CWE-862 CVE-2020-2142: A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Re
A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds.
nvd
CVE-2020-2141MEDIUMCVSS 4.3≤ 1.10.102020-03-09
CVE-2020-2141 [MEDIUM] CWE-352 CVE-2020-2141: A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers
A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add a labels in Perforce.
nvd