CVE-2021-21670: Incorrect Authorization
(updated )
Jenkins allows users to cancel queue items and abort builds of jobs for which they have Item/Cancel
permission even when they do not have Item/Read
permission.
References
Detect and mitigate CVE-2021-21670 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →