Description
An improper authorization vulnerability exists in Queue.java in Jenkins 2.132 and earlier, 2.121.1 and earlier, that allows attackers with Overall/Read permission to cancel queued builds.
Remediation
References