CVE-2021-21607
maven/org.jenkins-ci.main/jenkins-core
Allocation of Resources Without Limits or Throttling
Jenkins does not limit sizes provided as query parameters to graph-rendering URLs, allowing attackers to request crafted URLs that use all available memory in Jenkins, potentially leading to out of memory errors.
All versions after 2.263.1 up to 2.274
Unfortunately, there is no solution available yet.
2021-01-18
source |