CVE-2021-21626 is a vulnerability in Jenkins Warnings Next Generation
Published on March 18, 2021

Jenkins Warnings Next Generation Plugin 8.4.4 and earlier does not perform a permission check in methods implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace contents.

NVD

Products Associated with CVE-2021-21626

Want to know whenever a new CVE is published for Jenkins Warnings Next Generation? stack.watch will email you.

Jenkins Warnings Next Generation

Affected Versions

Jenkins project Jenkins Warnings Next Generation Plugin:

Version unspecified, <= 8.4.4 is affected.
Version 8.4.3.1 is unaffected.

Exploit Probability

EPSS

0.03%

Percentile

8.59%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-21626 is a vulnerability in Jenkins Warnings Next GenerationPublished on March 18, 2021

Products Associated with CVE-2021-21626

Affected Versions

Exploit Probability

CVE-2021-21626 is a vulnerability in Jenkins Warnings Next Generation
Published on March 18, 2021