Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Jenkins Subscribe

Filtered by product Matrix Authorization Strategy

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-21623	1 Jenkins	1 Matrix Authorization Strategy	2021-03-23	4.0 MEDIUM	6.5 MEDIUM
An incorrect permission check in Jenkins Matrix Authorization Strategy Plugin 2.6.5 and earlier allows attackers with Item/Read permission on nested items to access them, even if they lack Item/Read permission for parent folders.
CVE-2020-2226	1 Jenkins	1 Matrix Authorization Strategy	2020-07-22	3.5 LOW	5.4 MEDIUM
Jenkins Matrix Authorization Strategy Plugin 2.6.1 and earlier does not escape user names shown in the configuration, resulting in a stored cross-site scripting vulnerability.