Jenkins Role-based_authorization_strategy

4 CVEs affecting Jenkins Role-based_authorization_strategy. Latest disclosed: 2023-04-02. Critical: 1, High: 2.

Top CVEs affecting Jenkins Role-based_authorization_strategy
CVESeverityScorePublishedSummary
CVE-2023-28668Critical9.82023-04-02Jenkins Role-based Authorization Strategy Plugin 587.v2872c41fa_e51 and earlier grants permissions even after they've been disabled.
CVE-2020-2286High8.82020-10-08Jenkins Role-based Authorization Strategy Plugin 3.0 and earlier does not properly invalidate a permission cache when the configuration is changed, resulting i…
CVE-2017-1000090High8.82017-10-05Role-based Authorization Strategy Plugin was not requiring requests to its API be sent via POST, thereby opening itself to Cross-Site Request Forgery attacks…
CVE-2021-21624Medium4.32021-03-18An incorrect permission check in Jenkins Role-based Authorization Strategy Plugin 3.1 and earlier allows attackers with Item/Read permission on nested items to…