Vulnetix
Try Vulnetix Request Demo
CVE-2021-21607 PUBLISHED

Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not limit sizes provided as query parameters to graph-rendering URLs, allowing attackers to request crafted URLs that use all available memory in Jenkins, potentially leading to out of memory errors.

EPSS 0.33% · 55.8th percentile

Risk Scores

EPSS Score
0.33%
55.8th percentile

Affected Products

VendorProductVersions
Bitnamijenkins0
Bitnamijenkins0

Timeline

References

Open in Interactive Console →